sebseb

  1. No, after I deleted the 6 registry entries with rogue killer, the Malware Bytes notifications that the IP 93... stopped. There wasn't any other issue but this one that I could see, but I was afraid it would cause some sort of problems in the near future.
  2. Did I mention that Malware Bytes stopped with the notifications?
  3. The final reports: JRT report.txt, JRT.txt, malware bytes new scan (final).txt
  4. Signatures: 1.195.1215.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 15:54:15 2015
     Return code: 0 (0x0)
     ---------------------------------------------------------------------------------------
     Microsoft Windows Malicious Software Removal Tool v5.24, May 2015 (build 5.24.11401.0)
     Started On Wed May 13 15:05:48 2015
     Engine: 1.1.11602.0
     Signatures: 1.197.1100.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 15:11:58 2015
     Return code: 0 (0x0)
     ---------------------------------------------------------------------------------------
     Microsoft Windows Malicious Software Removal Tool v5.25, June 2015 (build 5.25.11502.0)
     Started On Wed Jun 10 17:42:30 2015
     Engine: 1.1.11701.0
     Signatures: 1.199.892.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 10 17:50:42 2015
     Return code: 0 (0x0)
     ---------------------------------------------------------------------------------------
     Microsoft Windows Malicious Software Removal Tool v5.26, July 2015 (build 5.26.11604.0)
     Started On Sat Jul 18 15:19:02 2015
     Engine: 1.1.11804.0
     Signatures: 1.201.883.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Sat Jul 18 15:25:32 2015
     Return code: 0 (0x0)
     ---------------------------------------------------------------------------------------
     Microsoft Windows Malicious Software Removal Tool v5.27, August 2015 (build 5.27.11700.0)
     Started On Thu Aug 13 14:52:19 2015
     Engine: 1.1.11903.0
     Signatures: 1.203.693.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 13 14:59:52 2015
     Return code: 0 (0x0)
     ---------------------------------------------------------------------------------------
     Microsoft Windows Malicious Software Removal Tool v5.27, August 2015 (build 5.27.11700.0)
     Started On Sat Aug 22 19:12:07 2015
     Engine: 1.1.11903.0
     Signatures: 1.203.693.0
     Results Summary:
     ----------------
     No infection found.
     Microsoft Windows Malicious Software Removal Tool Finished On Sat Aug 22 19:18:32 2015
     Return code: 0 (0x0)
  5. # AdwCleaner v5.003 - Logfile created 22/08/2015 at 18:52:07
     # Updated 20/08/2015 by Xplode
     # Database : 2015-08-20.1 [server]
     # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
     # Username : sebseb - SAMOYED
     # Running from : C:\Users\sebseb\Desktop\AdwCleaner.exe
     # Option : Cleaning

     ***** [ Services ] *****

     ***** [ Folders ] *****
     [-] Folder Deleted : C:\ProgramData\Avg_Update_0215av

     ***** [ Files ] *****

     ***** [ Shortcuts ] *****

     ***** [ Scheduled tasks ] *****
     [-] Task Deleted : 0215avUpdateInfo
     [-] Task Deleted : 0215avUpdateInfo

     ***** [ Registry ] *****
     [-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
     [-] Key Deleted : HKCU\Software\Conduit
     [-] Key Deleted : HKCU\Software\Avg Secure Update
     [!] Key Not Deleted : [x64] HKCU\Software\Conduit
     [!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update

     ***** [ Web browsers ] *****

     *************************
     :: Proxy settings cleared
     :: Winsock settings cleared
     :: IE policies deleted

     ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1014 bytes] ##########
  6. Found the button: Addition.txt, FRST.txt, malware bytes scan.txt, rogue killer.txt
  7. so this are my Twilight Zone reports I don't seem to find the add file button and I don't know how to open the rogue killer report, but I did export it in txt format, so here they are Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 21-Aug-15Scan Time: 11:30 PMLogfile: malware bytes scan.txtAdministrator: Yes Version: 2.1.8.1057Malware Database: v2015.08.21.09Rootkit Database: v2015.08.16.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: sebseb Scan Type: Threat ScanResult: CompletedObjects Scanned: 408557Time Elapsed: 17 min, 49 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledDeep Rootkit Scan: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 02Ran by sebseb (administrator) on SAMOYED (22-08-2015 00:20:45)Running from C:\Users\sebseb\DesktopLoaded Profiles: sebseb (Available Profiles: sebseb)Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe(AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2015\avgui.exe(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-20] (TOSHIBA Corporation)HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-20] ()HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-11] (Synaptics Incorporated)HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-12] (TOSHIBA Corporation)HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-10] (TOSHIBA Corporation)HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchHKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-27] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780520 2015-07-31] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [smartBillSys] => "C:\Smart 
Bill Standard 2014\Smart Bill Standard.exe" /sHKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)HKLM-x32\...\Run: [ACPW05EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe [822384 2011-11-17] (ACD Systems)HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [328568 2015-03-04] (BitTorrent, Inc.)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-145485975-1998042031-899343709-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehpSearchScopes: HKU\S-1-5-21-145485975-1998042031-899343709-1000 -> DefaultScope {02CA8B96-86C9-4DA4-ADDE-5406533F7520} URL = hxxps://www.google.com/search?q={searchTerms}SearchScopes: HKU\S-1-5-21-145485975-1998042031-899343709-1000 -> {02CA8B96-86C9-4DA4-ADDE-5406533F7520} URL = hxxps://www.google.com/search?q={searchTerms}BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cabHandler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 93.170.123.36 
8.8.8.8Tcpip\..\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8}: [DhcpNameServer] 93.170.123.36 8.8.8.8Tcpip\..\Interfaces\{68B43A52-0EC0-4FDD-8619-D1E4090964DD}: [DhcpNameServer] 192.168.0.1 FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
Chrome: =======CHR Profile: C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]CHR Extension: (Google Docs) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]CHR Extension: (Google Drive) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]CHR Extension: (YouTube) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]CHR Extension: (Google Search) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]CHR Extension: (Canadian Wood Theme) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgkdanlgpiliplalikekhmhfgmmbhbg [2015-03-03]CHR Extension: (Google Sheets) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]CHR Extension: (AdBlock) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-03]CHR Extension: (Chrome Web Store Payments) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]CHR Extension: (Bitdefender QuickScan) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-03-04]CHR Extension: (Gmail) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Services (Whitelisted) ======================== (If an 
entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3633576 2015-07-31] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-07-31] (AVG Technologies CZ, s.r.o.)S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2014-08-16] (Advanced Micro Devices)R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)R5 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)R5 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)R5 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)R5 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)R5 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)R5 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2014-08-16] (Microsoft Corporation)R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)R5 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2014-08-16] (Microsoft Corporation)R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2014-08-16] (Microsoft Corporation)R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 
2010-11-21] (Microsoft Corporation)R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [538136 2010-01-15] (Intel Corporation)R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-08-16] (Microsoft Corporation)R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-08-16] (Microsoft Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-21] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2014-08-16] (Microsoft Corporation)R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2014-08-16] (Microsoft Corporation)R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)R5 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-14] (Microsoft Corporation)R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)R5 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2015-03-04] (Duplex Secure Ltd.)R5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation)R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-08-16] (Microsoft Corporation)R5 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [26840 2009-07-15] (TOSHIBA Corporation)R5 
vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)R5 Wd; C:\Windows\System32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2014-08-16] (Microsoft Corporation)U3 ac5s1ojp; C:\Windows\System32\Drivers\ac5s1ojp.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-22 00:20 - 2015-08-22 00:21 - 00020555 _____ C:\Users\sebseb\Desktop\FRST.txt2015-08-22 00:19 - 2015-08-22 00:19 - 02173952 _____ (Farbar) C:\Users\sebseb\Desktop\FRST64.exe2015-08-22 00:19 - 2015-08-22 00:19 - 00001097 _____ C:\Users\sebseb\Desktop\malware bytes scan.txt2015-08-21 22:18 - 2015-08-21 22:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-08-21 22:17 - 2015-08-21 22:17 - 00000000 ____D C:\program files new2015-08-21 22:15 - 2015-08-21 22:16 - 16563304 _____ (Malwarebytes Corp.) 
C:\Users\sebseb\Downloads\mbar-1.09.2.1008.exe2015-08-21 22:13 - 2015-08-21 22:14 - 00026357 _____ C:\Users\sebseb\Downloads\Addition.txt2015-08-21 22:11 - 2015-08-22 00:20 - 00000000 ____D C:\FRST2015-08-21 22:11 - 2015-08-21 22:14 - 00027574 _____ C:\Users\sebseb\Downloads\FRST.txt2015-08-21 20:36 - 2015-08-21 20:36 - 00001055 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\ProgramData\Kaspersky Lab2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab2015-08-21 19:20 - 2015-08-21 19:20 - 00891741 _____ C:\Users\sebseb\Downloads\a1Y1Gwb_460sv.mp42015-08-20 02:01 - 2015-08-20 02:01 - 00000000 ____D C:\Users\sebseb\Downloads\Darling Violetta2015-08-20 01:05 - 2015-08-20 18:16 - 00000000 ____D C:\Users\sebseb\Desktop\9202015-08-18 23:34 - 2015-08-18 23:34 - 00000000 ____D C:\Users\sebseb\Desktop\hachiman2015-08-10 18:40 - 2015-08-10 18:41 - 00000000 ____D C:\Users\sebseb\Desktop\derp2015-08-09 23:35 - 2015-08-09 23:35 - 00945342 _____ C:\Users\sebseb\Downloads\anB4wYB_460sv.mp42015-08-07 21:59 - 2015-08-07 21:59 - 00771481 _____ C:\Users\sebseb\Downloads\230163902015-08-06 22:27 - 2015-08-06 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone2015-08-06 22:27 - 2015-08-06 22:27 - 00000000 ____D C:\Program Files (x86)\Windows Phone2015-08-06 22:23 - 2015-08-06 22:23 - 06745792 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\WindowsPhone (1).exe2015-08-06 22:16 - 2015-08-06 22:16 - 00772430 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2015-08-06 22:07 - 2015-08-06 22:07 - 06745792 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\WindowsPhone.exe2015-08-06 22:07 - 2015-08-06 22:07 - 00889416 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\dotNetFx40_Full_setup.exe2015-08-06 22:07 - 
2015-08-06 22:07 - 00000000 ____D C:\ProgramData\Applications2015-08-06 19:11 - 2015-08-21 22:16 - 00000000 ____D C:\Users\sebseb\Desktop\New folder2015-08-04 16:13 - 2015-08-04 16:13 - 00721613 _____ C:\Users\sebseb\Downloads\aXXjVPP_460sv.mp42015-08-02 15:17 - 2015-08-04 15:57 - 00000965 _____ C:\Users\Public\Desktop\AVG 2015.lnk2015-07-31 16:11 - 2015-07-31 16:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7AE925BA.sys2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys2015-07-27 18:05 - 2015-07-27 18:05 - 00395784 _____ C:\Users\sebseb\Downloads\aOmrgnv_460sv.mp42015-07-26 00:44 - 2015-07-26 00:44 - 00345880 _____ C:\Users\sebseb\Downloads\a4LGOB1_460sv.mp42015-07-25 17:47 - 2015-08-18 15:43 - 00000000 ____D C:\Users\sebseb\Desktop\proiect oliver ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-08-21 23:48 - 2015-03-03 12:30 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-08-21 23:30 - 2015-03-03 12:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-08-21 23:26 - 2015-03-04 11:58 - 00000000 ____D C:\Users\sebseb\AppData\Roaming\uTorrent2015-08-21 23:20 - 2015-03-03 10:15 - 01819381 _____ C:\Windows\WindowsUpdate.log2015-08-21 22:17 - 2015-03-03 12:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys2015-08-21 22:00 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-08-21 22:00 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-08-21 21:54 - 2015-03-20 21:00 - 00000000 ____D C:\Program Files (x86)\Steam2015-08-21 21:53 - 2015-03-03 12:30 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-08-21 21:52 - 2015-03-05 21:36 - 00030924 _____ C:\Windows\setupact.log2015-08-21 21:52 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-08-21 20:44 - 2015-03-04 02:30 - 00000000 ____D C:\Users\sebseb\AppData\Roaming\QuickScan2015-08-21 15:51 - 2015-03-03 12:03 - 00000000 ____D C:\ProgramData\MFAData2015-08-21 15:46 - 2009-07-14 07:45 - 05037928 _____ C:\Windows\system32\FNTCACHE.DAT2015-08-13 14:59 - 2015-03-12 03:25 - 00000000 ____D C:\Windows\system32\MRT2015-08-13 14:52 - 2015-03-03 10:20 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-08-10 19:34 - 2015-05-09 14:52 - 00000000 ___HD C:\Users\sebseb\Desktop\[Originals]2015-08-06 22:16 - 2009-07-14 08:13 - 00772430 _____ C:\Windows\system32\PerfStringBackup.INI2015-08-04 15:57 - 2015-03-03 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2015-08-02 15:20 - 2015-04-26 01:14 - 00002370 _____ C:\Windows\PFRO.log2015-07-31 17:43 - 2015-03-16 18:37 - 00000000 ____D 
C:\Users\sebseb\Downloads\Outlook.com

Some files in TEMP:
====================
C:\Users\sebseb\AppData\Local\Temp\Actualizare Smart Bill Standard 2539794953251104561.exe
C:\Users\sebseb\AppData\Local\Temp\AVG.exe
C:\Users\sebseb\AppData\Local\Temp\ose00000.exe
C:\Users\sebseb\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\sebseb\AppData\Local\Temp\uttCCB1.tmp.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION

LastRegBack: 2015-08-13 21:15

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 02
Ran by sebseb (2015-08-22 00:21:30)
Running from C:\Users\sebseb\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-145485975-1998042031-899343709-500 - Administrator - Disabled)
Guest (S-1-5-21-145485975-1998042031-899343709-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-145485975-1998042031-899343709-1002 - Limited - Enabled)
sebseb (S-1-5-21-145485975-1998042031-899343709-1000 - Administrator - Enabled) => C:\Users\sebseb

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )µTorrent (HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.3.168 - ACD Systems International Inc.)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)Adobe Reader XI (11.0.12) - Romanian (HKLM-x32\...\{AC76BA86-7AD7-1048-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)ATI Catalyst Install Manager (HKLM\...\{61D4B846-49F8-2639-A4EB-977875265F37}) (Version: 3.0.769.0 - ATI Technologies, Inc.)AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies)AVG 2015 (Version: 15.0.4401 - AVG Technologies) HiddenAVG 2015 (Version: 15.0.6125 - AVG Technologies) HiddenBattle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.67.1076 - AB Team, d.o.o.)ccc-core-static (x32 Version: 2010.0426.2136.36953 - ATI) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.26.0 - Conexant)Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)DFX for Winamp (HKLM-x32\...\DFX for Winamp) (Version: 9.103.0.0 - Power Technology)Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)Google Update Helper (x32 Version: 1.3.28.1 - Google 
Inc.) HiddenHeroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.740 - Kaspersky Lab)Kaspersky Security Scan (x32 Version: 15.0.0.740 - Kaspersky Lab) HiddenLeague of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenMalwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft 
Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)Mozilla Thunderbird 24.6.0 (x86 ro) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 ro)) (Version: 24.6.0 - Mozilla)PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) HiddenPowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)Smart Bill Standard 2014 (HKLM-x32\...\Smart Bill Standard) (Version: 2.0.2 - Intelligent IT)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)Toshiba Assist 
(HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)TOSHIBA ConfigFree (HKLM-x32\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.34 - TOSHIBA CORPORATION)TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)Winamp Detector Plug-in (HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {107CD789-D0FC-41B0-98FA-E8653AB975D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)Task: {14D576B5-371F-4009-B3A3-4BE3B17025B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)Task: {69CA6C37-1533-4BFA-A573-97B410C11160} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-04] (TOSHIBA CORPORATION)Task: {9AD4BC67-2D55-4417-BDB5-2F99BE8B77A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)Task: {D6864AEB-4256-4208-8A2B-53B5FDCF3266} - System32\Tasks\0215avUpdateInfo => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe [2015-02-17] ()Task: {FBDA8699-00BA-411F-97D2-C99B52E29C4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2010-04-08 03:07 - 2010-04-08 03:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll2009-11-04 00:26 - 2009-11-04 00:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll2010-03-04 01:15 - 2010-03-04 01:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll2010-03-04 01:15 - 2010-03-04 01:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll2015-03-03 10:28 - 2009-06-23 01:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll2009-03-13 06:08 - 2009-03-13 06:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll2009-10-13 21:00 - 2009-10-13 21:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2015-03-03 10:39 - 2015-03-03 10:39 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2015-06-03 13:44 - 2015-06-03 13:44 - 00315648 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll2015-06-03 13:50 - 2015-06-03 13:50 - 00267264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\webcore.dll2015-06-03 13:50 - 2015-06-03 13:50 - 41268224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll2015-06-03 13:50 - 2015-06-03 13:50 - 01402368 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll2015-06-03 13:50 - 2015-06-03 13:50 - 00212992 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security 
Scan\libegl.dll2015-03-20 21:02 - 2015-07-03 19:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll2015-03-20 21:02 - 2015-07-03 19:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll2015-03-20 21:02 - 2015-07-03 19:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll2015-03-20 21:02 - 2015-07-03 19:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll2015-03-20 21:02 - 2015-08-19 23:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll2015-03-20 21:02 - 2014-12-02 00:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll2015-03-20 21:02 - 2015-08-19 23:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2015-07-22 16:48 - 2015-07-27 04:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll2015-03-20 21:02 - 2015-07-03 19:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2015-08-21 15:49 - 2015-08-18 08:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll2015-08-21 15:49 - 2015-08-18 08:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-145485975-1998042031-899343709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sebseb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 93.170.123.36 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{9713D1F2-AF42-4905-92F8-1D3458C0582F}C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [uDP Query User{18C886F6-985C-4BD5-BE94-B26A0431008A}C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [{8D5E76F5-1634-4B6D-A869-9AFDFA33AE0C}] => (Allow) C:\Smart Bill Standard 2014\libj\launch4j-tmp\Smart Bill Standard.exeFirewallRules: [TCP Query User{0FB143E0-E03C-45DD-8758-CD1B3FE94EC9}C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [uDP Query User{9692EEA5-A740-4273-A8ED-19A88355CB88}C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [{26205FFD-921F-4007-B40A-07433B39B4B7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exeFirewallRules: [{4C6F40C7-CAD0-455F-8B0D-16FA1D6A659C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exeFirewallRules: [TCP Query User{8C50F038-86D9-4736-83E3-0A9DECA246C1}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [uDP Query User{2FE5FF0B-C46E-4C22-94A0-F13EA9DF5565}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [{663DAA57-AF0E-4A85-82D1-CBAACAB64468}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{0D66D07B-1F93-443D-AC30-8605D8B050DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{41372711-6C77-4241-968E-A4A45E79A709}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{1979ECAF-F6F2-4B2B-A600-4C3B3CA5C211}] => (Allow) C:\Program Files 
(x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{0792E106-8B5F-40F7-B03B-ACAF37EAB88A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exeFirewallRules: [{7DE95AA9-6C0E-43DF-AC75-D4CEF1BE5B72}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exeFirewallRules: [{C3BFEA85-8068-4496-92A9-FE6209FBA12F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [TCP Query User{831E9EE1-3CEC-457A-A5B9-7A84A4521CC0}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [uDP Query User{EF2F94A3-64B6-49DF-BED3-6D5DFEB27317}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [{D6FAAAFA-C15D-4A62-9C6C-35F6FB06F774}] => (Allow) D:\Program Files (x86)\battlenet\Battle.net\Battle.net.exeFirewallRules: [{3D175A2E-24FC-4A13-A257-76518969A476}] => (Allow) D:\Program Files (x86)\battlenet\Battle.net\Battle.net.exeFirewallRules: [TCP Query User{E56531BC-BAEC-41C5-A402-8D40EC3168DF}D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exeFirewallRules: [uDP Query User{638F06E3-5A7A-48B4-93A0-D9936A987545}D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exeFirewallRules: [{5F99DF7B-107C-492D-975E-A5990F839D6D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{35ADD663-943C-4CFD-8AE8-90A8C6F2AE03}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{CC119F7B-17D2-451B-9298-4C8EC6BB4C50}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{4BCAED69-7F80-46F5-B02F-478168C03102}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: 
[{FE6E1152-01F5-4541-BA72-6653D10CBEB7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{267A6339-C9E5-4BDD-8271-215DA0CA80EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{F6EE0269-F47D-4ADF-AC15-6EB8386165CB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{C1E54E9A-36CB-4BC5-8B79-A3CECFF7EFCC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{896841F7-2AA1-46BC-B726-26BB77E6D5C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (08/21/2015 09:54:02 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:48:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 03:45:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/19/2015 05:21:35 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/18/2015 03:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2015 04:15:12 PM) (Source: WinMgmt) 
(EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 01:28:49 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/15/2015 02:33:56 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2015 06:49:18 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/13/2015 02:46:36 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (08/21/2015 09:55:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (08/21/2015 09:55:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (08/21/2015 08:36:13 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 
Error: (08/21/2015 04:26:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service. Error: (08/20/2015 04:48:35 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/19/2015 01:54:52 AM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/17/2015 10:03:43 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/16/2015 11:04:28 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/15/2015 08:50:38 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/15/2015 03:41:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 
Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel® Core i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 78%
Total physical RAM: 3957.86 MB
Available physical RAM: 844.26 MB
Total Virtual: 7913.9 MB
Available Virtual: 3918 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.08 GB) (Free:3.45 GB) NTFS
Drive d: () (Fixed) (Total:263.91 GB) (Free:24.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 18938AD1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=34.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=263.9 GB) - (Type=07 NTFS)

==================== End of log ============================

RogueKiller V10.10.1.0 [Aug 17 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : sebseb [Administrator]
Started from : C:\Users\sebseb\Desktop\RogueKiller.exe
Mode : Scan -- Date : 08/22/2015 00:46:00

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545032B9A300 +++++
--- User ---
[MBR] 481350206ee1861da549dcf8cd7cc011
[bSP] 7707e08fd20096851f6401b0d00bd206 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 34899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 71680000 | Size: 270244 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
  8. Remembered one thing, after Malware Bytes blocked the website, my wireless router disconnected and connected back and after that the popups started.
  9. So after trying to visit a trusted website that sells tyres, Malware Bytes blocked it. Ok, so far so good, only that now I get a pop-up every 10-15 seconds that Malware Bytes blocked this IP address 93.170.123.36, type outbound, from a different port every time. The process is in svchost.exe. The thing is AVG antivirus, Kaspersky online scan, Malware Bytes, Malware Root-kit, Bitdefender online scan, did not manage to find any type of virus or malware on my laptop and the thing keeps popping up.