Jump to content

Search the Community

Showing results for tags 'Error'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi, I've had Malwarebytes Anti-Malware on my computer for years. Since last week, I tried to open the program and it won't open. So I reinstalled the program but during the setup I kept getting Runtime Errors. I think I have a malware then, so how do I fix this and get Malwarebytes to work again. Attached are the error messages. Internal error: Expression error 'Runtime Error (at 79:177): External exception E06D7363' Internal error: Expression error 'Runtime Error (at 69:252): External exception E06D7363' Internal error: Expression error 'Runtime Error (at 45:89): External exception E06D7363' Thanks for your help. Chryst Runtime Errors.pdf
  2. hello, my computer has been infected for the past 2 days now. I had the malwarebytes trial version and was using it frequently, scanning almost everyday the past 2 weeks or so. I turn on my computer yesterday and usually Malwarebytes is already running and in my notification area but i noticed it wasn't. After letting my computer boot all the way up I try to run Malwarebytes but a error box pops up saying "Malwarebytes Anti-Malware has stopped working", my options then are to check online for a solution and close the program, or close the program. The following is the details pasted verbatum. Problem signature: Problem Event Name: APPCRASH Application Name: mbam.exe Application Version: 1.0.0.532 Application Timestamp: 53518532 Fault Module Name: MSVCR100.dll Fault Module Version: 10.0.40219.325 Fault Module Timestamp: 4df2be1e Exception Code: 40000015 Exception Offset: 0008d6fd OS Version: 6.1.7600.2.0.0.256.1 Locale ID: 1033 Additional Information 1: 8374 Additional Information 2: 83748d7ce6919cf452bf5c3838e036f3 Additional Information 3: 2e01 Additional Information 4: 2e01b10c887fd7f971b05773252074ee Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt I then proceed to purchase the professional malwarebytes program for 1 year for 3 devices through their website and uninstall the malwarebytes i currently have and redownload the professional one and installed it. After install the same error popped up. I couldn't get to the part where i register the software. So then i try to use chameleon to log-in and same error. I used 9 of 13 possible chameleon links before giving that up. I also try to excecute the file through Run, and through task manager with no luck as well, only the same message. So now i'm here posting my failures. I downloaded Farbar recovery scan tool and ran the program. Here is the FRST report: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by bob marley (administrator) on BOBMARLEY-PC on 08-07-2014 20:46:05 Running from C:\Users\bob marley\Downloads Platform: Windows 7 Ultimate (X64) OS Language: English (United States) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Realtek) C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtlService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtWLan.exe () C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Windows\hh.exe (MalwareBytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.pif (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe () C:\Program Files (x86)\SpyShelter Firewall\RsltView.exe () C:\Program Files (x86)\SpyShelter Firewall\RsltView.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated) HKLM\...\Run: [spyShelter] => C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.exe [5087584 2014-02-13] () HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKU\S-1-5-21-440041499-1871656134-578955171-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe HKU\S-1-5-21-440041499-1871656134-578955171-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-06-30] (Valve Corporation) HKU\S-1-5-21-440041499-1871656134-578955171-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-16] (Adobe Systems Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== ProxyServer: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2567C35767CECD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6-3t7Zac_iCe3JLnVSNOFOZo7nLjCggePpKP2XXA9jLED_8amKlxM3F8-dMb97r-K9ixxUsshsxKrLlDwVsGMPgTpWdc87WOEMDovH4B0vzWPAz-jF66zAKbw06O9Zc,&q={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6-3t7Zac_iCe3JLnVSNOFOZo7nLjCggePpKP2XXA9jLED_8amKlxM3F8-dMb97r-K9ixxUsshsxKrLlDwVsGMPgTpWdc87WOEMDovH4B0vzWPAz-jF66zAKbw06O9ZA,&q={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: No Name - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 FireFox: ======== FF ProfilePath: C:\Users\bob marley\AppData\Roaming\Mozilla\Firefox\Profiles\fmlhmb3f.default FF DefaultSearchEngine: DuckDuckGo FF SearchEngineOrder.1: Yahoo! (Avast) FF SelectedSearchEngine: DuckDuckGo FF Homepage: https://duckduckgo.com/ FF Keyword.URL: https://search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: tdameritrade.com/thinkorswim - C:\Program Files (x86)\thinkTDA\npthinkorswim.dll (TD Ameritrade) FF Plugin HKCU: tdameritrade.com/tossc - C:\Program Files (x86)\thinkTDA\nptossc.dll (TD Ameritrade) FF SearchPlugin: C:\Users\bob marley\AppData\Roaming\Mozilla\Firefox\Profiles\fmlhmb3f.default\searchplugins\duckduckgo.xml FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-04] FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (Google Drive) - C:\Users\bob marley\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-18] CHR Extension: (Google Search) - C:\Users\bob marley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-18] CHR Extension: (Gmail) - C:\Users\bob marley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-18] CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\bob marley\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2012-11-18] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-17] (AVAST Software) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 Realtek11nSU; C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-08-13] () [File not signed] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-17] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-17] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-17] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-17] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-17] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-17] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-17] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-17] () R1 Spyshelter; C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.sys [812384 2014-02-13] (SpyShelter) R2 SpyshelterFw; C:\Program Files (x86)\SpyShelter Firewall\SpyshelterWFP.sys [104800 2014-02-05] () R1 SpyshelterKb; C:\Program Files (x86)\SpyShelter Firewall\SpyshelterKb.sys [237408 2013-12-23] (SpyShelter) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-08 20:46 - 2014-07-08 20:46 - 00017918 _____ () C:\Users\bob marley\Downloads\FRST.txt 2014-07-08 20:45 - 2014-07-08 20:46 - 00000000 ____D () C:\FRST 2014-07-08 20:28 - 2014-07-08 20:28 - 02084352 _____ (Farbar) C:\Users\bob marley\Downloads\FRST64.exe 2014-07-08 12:07 - 2014-07-08 20:42 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-08 12:07 - 2014-07-08 12:07 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-08 12:07 - 2014-07-08 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-08 12:07 - 2014-07-08 12:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-08 12:07 - 2014-05-12 08:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-08 12:07 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-08 12:04 - 2014-07-08 12:04 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\bob marley\Downloads\mbam_premium.exe 2014-07-08 11:57 - 2014-07-08 11:57 - 00262144 _____ () C:\Windows\Minidump\070814-22744-01.dmp 2014-07-04 11:46 - 2014-07-04 11:46 - 00291656 _____ () C:\Windows\Minidump\070414-26707-01.dmp 2014-07-02 23:30 - 2014-07-02 23:31 - 00291800 _____ () C:\Windows\Minidump\070214-22370-01.dmp 2014-06-26 12:09 - 2014-06-26 12:10 - 00000000 ____D () C:\Users\bob marley\Downloads\Bassnectar-NVSB_MP3_45782 2014-06-26 11:58 - 2014-06-26 12:09 - 142481980 _____ () C:\Users\bob marley\Downloads\Bassnectar-NVSB_MP3_45782.zip 2014-06-18 10:08 - 2014-07-08 20:43 - 00000000 ____D () C:\Users\bob marley\AppData\Local\CrashDumps 2014-06-17 23:35 - 2014-06-17 23:37 - 00000000 ____D () C:\Users\bob marley\Downloads\gpg4usb-0.3.3 2014-06-17 22:53 - 2014-06-29 02:33 - 16798961 _____ () C:\Users\bob marley\Downloads\gpg4usb-0.3.3.zip 2014-06-17 20:11 - 2014-06-17 20:11 - 00000000 ____D () C:\ProgramData\Licenses 2014-06-17 20:05 - 2014-06-17 20:21 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\SpyShelter 2014-06-17 20:05 - 2014-06-17 20:05 - 00001094 _____ () C:\Users\Public\Desktop\SpyShelter Firewall.lnk 2014-06-17 20:05 - 2014-06-17 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyShelter 2014-06-17 20:05 - 2014-06-17 20:05 - 00000000 ____D () C:\Program Files (x86)\SpyShelter Firewall 2014-06-17 20:05 - 2013-05-22 20:03 - 00042296 _____ () C:\Windows\system32\SpyShelterShellExt.dll 2014-06-17 20:05 - 2013-05-22 20:03 - 00033080 _____ () C:\Windows\SysWOW64\SpyShelterShellExt.dll 2014-06-17 20:03 - 2014-06-17 20:05 - 09109656 _____ ( ) C:\Users\bob marley\Downloads\fwsetup.exe 2014-06-17 12:02 - 2014-06-17 12:58 - 00000000 ____D () C:\Users\bob marley\Documents\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00002044 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\WSOP.com.lnk 2014-06-17 12:02 - 2014-06-17 12:02 - 00002020 _____ () C:\Users\bob marley\Desktop\WSOP.com.lnk 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Program Files (x86)\WSOP.com 2014-06-17 11:53 - 2014-06-17 11:53 - 00442008 _____ (Random-Logic) C:\Users\bob marley\Downloads\wsop.com.exe 2014-06-17 11:26 - 2014-06-17 11:25 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-17 11:25 - 2014-06-17 11:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-17 11:18 - 2014-06-17 11:18 - 00001160 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-17 11:15 - 2014-06-17 11:15 - 00002450 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-06-17 10:35 - 2014-06-18 10:08 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-17 10:35 - 2014-06-18 10:08 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-17 10:35 - 2014-06-17 10:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-17 10:33 - 2014-06-17 10:34 - 00284224 _____ (Mozilla) C:\Users\bob marley\Downloads\Firefox Setup Stub 30.0.exe 2014-06-17 10:24 - 2014-06-17 10:24 - 00000000 ____D () C:\Program Files\003 2014-06-17 10:22 - 2014-06-17 10:22 - 00000000 ____D () C:\Users\bob marley\AppData\Local\globalUpdate 2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-11 10:39 - 2014-06-11 10:39 - 00000000 ____D () C:\Users\bob marley\Desktop\Tor Browser2 2014-06-11 10:37 - 2014-06-11 10:38 - 27167987 _____ () C:\Users\bob marley\Downloads\torbrowser-install-3.6.2_en-US.exe 2014-06-09 22:28 - 2014-06-10 01:13 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\TS3Client 2014-06-09 22:28 - 2014-06-09 22:28 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-09 22:28 - 2014-06-09 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-09 22:28 - 2014-06-09 22:28 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client ==================== One Month Modified Files and Folders ======= 2014-07-08 20:46 - 2014-07-08 20:46 - 00017918 _____ () C:\Users\bob marley\Downloads\FRST.txt 2014-07-08 20:46 - 2014-07-08 20:45 - 00000000 ____D () C:\FRST 2014-07-08 20:43 - 2014-06-18 10:08 - 00000000 ____D () C:\Users\bob marley\AppData\Local\CrashDumps 2014-07-08 20:42 - 2014-07-08 12:07 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-08 20:28 - 2014-07-08 20:28 - 02084352 _____ (Farbar) C:\Users\bob marley\Downloads\FRST64.exe 2014-07-08 20:24 - 2012-03-29 11:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-08 20:24 - 2011-04-04 21:21 - 01651314 _____ () C:\Windows\WindowsUpdate.log 2014-07-08 20:23 - 2013-07-21 19:30 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-08 20:17 - 2013-10-05 10:11 - 00000000 ____D () C:\ProgramData\TEMP 2014-07-08 20:17 - 2012-12-30 02:00 - 00033220 _____ () C:\Windows\setupact.log 2014-07-08 20:17 - 2011-04-29 19:02 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-08 20:17 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-08 20:11 - 2011-04-05 00:23 - 00200978 _____ () C:\Windows\PFRO.log 2014-07-08 12:07 - 2014-07-08 12:07 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-08 12:07 - 2014-07-08 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-08 12:07 - 2014-07-08 12:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-08 12:04 - 2014-07-08 12:04 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\bob marley\Downloads\mbam_premium.exe 2014-07-08 11:57 - 2014-07-08 11:57 - 00262144 _____ () C:\Windows\Minidump\070814-22744-01.dmp 2014-07-08 11:57 - 2011-04-05 00:24 - 00000000 ____D () C:\Windows\Minidump 2014-07-08 11:54 - 2012-07-22 01:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-04 11:46 - 2014-07-04 11:46 - 00291656 _____ () C:\Windows\Minidump\070414-26707-01.dmp 2014-07-03 11:12 - 2009-07-13 22:13 - 00729550 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-02 23:31 - 2014-07-02 23:30 - 00291800 _____ () C:\Windows\Minidump\070214-22370-01.dmp 2014-07-02 19:43 - 2011-04-04 22:28 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Malwarebytes 2014-07-02 19:43 - 2011-04-04 22:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 19:43 - 2011-04-04 22:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-29 02:33 - 2014-06-17 22:53 - 16798961 _____ () C:\Users\bob marley\Downloads\gpg4usb-0.3.3.zip 2014-06-28 23:49 - 2009-07-13 21:45 - 00019456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-28 23:49 - 2009-07-13 21:45 - 00019456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-26 12:10 - 2014-06-26 12:09 - 00000000 ____D () C:\Users\bob marley\Downloads\Bassnectar-NVSB_MP3_45782 2014-06-26 12:09 - 2014-06-26 11:58 - 142481980 _____ () C:\Users\bob marley\Downloads\Bassnectar-NVSB_MP3_45782.zip 2014-06-18 10:08 - 2014-06-17 10:35 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-18 10:08 - 2014-06-17 10:35 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-17 23:37 - 2014-06-17 23:35 - 00000000 ____D () C:\Users\bob marley\Downloads\gpg4usb-0.3.3 2014-06-17 20:21 - 2014-06-17 20:05 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\SpyShelter 2014-06-17 20:11 - 2014-06-17 20:11 - 00000000 ____D () C:\ProgramData\Licenses 2014-06-17 20:05 - 2014-06-17 20:05 - 00001094 _____ () C:\Users\Public\Desktop\SpyShelter Firewall.lnk 2014-06-17 20:05 - 2014-06-17 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyShelter 2014-06-17 20:05 - 2014-06-17 20:05 - 00000000 ____D () C:\Program Files (x86)\SpyShelter Firewall 2014-06-17 20:05 - 2014-06-17 20:03 - 09109656 _____ ( ) C:\Users\bob marley\Downloads\fwsetup.exe 2014-06-17 12:58 - 2014-06-17 12:02 - 00000000 ____D () C:\Users\bob marley\Documents\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00002044 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\WSOP.com.lnk 2014-06-17 12:02 - 2014-06-17 12:02 - 00002020 _____ () C:\Users\bob marley\Desktop\WSOP.com.lnk 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSOP.com 2014-06-17 12:02 - 2014-06-17 12:02 - 00000000 ____D () C:\Program Files (x86)\WSOP.com 2014-06-17 12:02 - 2014-01-10 00:00 - 00002020 _____ () C:\Users\UpdatusUser\Desktop\WSOP.com.lnk 2014-06-17 12:02 - 2011-07-10 13:26 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-06-17 11:53 - 2014-06-17 11:53 - 00442008 _____ (Random-Logic) C:\Users\bob marley\Downloads\wsop.com.exe 2014-06-17 11:26 - 2013-12-28 12:57 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-06-17 11:26 - 2013-03-15 11:51 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-17 11:26 - 2011-04-04 22:19 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-06-17 11:26 - 2011-04-04 22:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-06-17 11:26 - 2011-04-04 22:19 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-17 11:25 - 2014-06-17 11:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-17 11:25 - 2014-06-17 11:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-17 11:25 - 2013-03-15 11:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-17 11:25 - 2012-07-22 01:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-17 11:25 - 2011-04-04 22:19 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-17 11:25 - 2011-04-04 22:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-17 11:18 - 2014-06-17 11:18 - 00001160 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-17 11:15 - 2014-06-17 11:15 - 00002450 _____ () C:\Users\bob marley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-06-17 10:36 - 2012-01-28 15:41 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Mozilla 2014-06-17 10:35 - 2014-06-17 10:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-17 10:35 - 2014-05-09 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-17 10:34 - 2014-06-17 10:33 - 00284224 _____ (Mozilla) C:\Users\bob marley\Downloads\Firefox Setup Stub 30.0.exe 2014-06-17 10:24 - 2014-06-17 10:24 - 00000000 ____D () C:\Program Files\003 2014-06-17 10:22 - 2014-06-17 10:22 - 00000000 ____D () C:\Users\bob marley\AppData\Local\globalUpdate 2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-12 20:23 - 2013-10-26 10:18 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-06-12 20:23 - 2011-11-05 16:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-11 10:39 - 2014-06-11 10:39 - 00000000 ____D () C:\Users\bob marley\Desktop\Tor Browser2 2014-06-11 10:38 - 2014-06-11 10:37 - 27167987 _____ () C:\Users\bob marley\Downloads\torbrowser-install-3.6.2_en-US.exe 2014-06-10 01:13 - 2014-06-09 22:28 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\TS3Client 2014-06-09 22:28 - 2014-06-09 22:28 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-09 22:28 - 2014-06-09 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-09 22:28 - 2014-06-09 22:28 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-06-09 22:26 - 2013-07-24 22:58 - 00000000 ____D () C:\Users\bob marley\AppData\Roaming\Skype Some content of TEMP: ==================== C:\Users\bob marley\AppData\Local\Temp\BackupSetup.exe C:\Users\bob marley\AppData\Local\Temp\GenericUninstall.exe C:\Users\bob marley\AppData\Local\Temp\hsbing_717_active.exe C:\Users\bob marley\AppData\Local\Temp\i4jdel0.exe C:\Users\bob marley\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\bob marley\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\bob marley\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\bob marley\AppData\Local\Temp\lowproc.exe C:\Users\bob marley\AppData\Local\Temp\Nv3DVStreaming.dll C:\Users\bob marley\AppData\Local\Temp\nvSCPAPI.dll C:\Users\bob marley\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\bob marley\AppData\Local\Temp\nvStereoApiI.dll C:\Users\bob marley\AppData\Local\Temp\nvStereoApiI64.dll C:\Users\bob marley\AppData\Local\Temp\nvStInst.exe C:\Users\bob marley\AppData\Local\Temp\optprosetup.exe C:\Users\bob marley\AppData\Local\Temp\SearchProtectionSetup.exe C:\Users\bob marley\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\bob marley\AppData\Local\Temp\setup.exe C:\Users\bob marley\AppData\Local\Temp\stubhelper.dll C:\Users\bob marley\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\bob marley\AppData\Local\Temp\tbSwee.dll C:\Users\bob marley\AppData\Local\Temp\uninstaller.exe C:\Users\bob marley\AppData\Local\Temp\utt2582.tmp.exe C:\Users\bob marley\AppData\Local\Temp\uttB6F7.tmp.exe C:\Users\bob marley\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-08 00:10 ==================== End Of Log ============================ And here is the Addition report: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01 Ran by bob marley at 2014-07-08 20:47:05 Running from C:\Users\bob marley\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software) Beatport Downloader (HKLM-x32\...\com.beatport.BeatportDownloader) (Version: 1.4 - Beatport LLC) Beatport Downloader (x32 Version: 1.4 - Beatport LLC) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - ) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) EnGenius 11n USB Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - EnGenius Technologies) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION) EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.16.327 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle) Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.2.0.21697 - Juniper Networks) Juniper Networks Network Connect 7.2.0 (HKLM-x32\...\Juniper Network Connect 7.2.0) (Version: 7.2.0.21697 - Juniper Networks) Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.) Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.) Light Image Resizer 4.3.2.2 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.3.2.2 - ObviousIdea) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.) Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.07 - NVIDIA Corporation) NVIDIA 3D Vision Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.07 - NVIDIA Corporation) NVIDIA Control Panel 314.07 (Version: 314.07 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) SpyShelter Firewall 3.0 (HKLM\...\SpyshelterInternetSecurity_is1) (Version: 3.0 - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) thinkorswim (HKLM-x32\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc) thinkorswim from TD AMERITRADE (HKLM-x32\...\thinkorswim from TD AMERITRADE) (Version: - TD AMERITRADE, Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9492511E-2CE0-4904-9400-203F44E1DC0D}) (Version: - Microsoft) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: All Products (HKCU\...\Warcraft III) (Version: - ) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. ) WSOP.com (HKLM-x32\...\WSOP.com) (Version: - ) ==================== Restore Points ========================= 23-06-2014 02:00:45 Windows Backup 30-06-2014 02:31:58 Windows Backup 07-07-2014 04:27:44 Windows Backup ==================== Hosts content: ========================== 2009-07-13 19:34 - 2012-12-07 13:47 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0384AED0-1421-4E6D-807A-629C06A00AFF} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-13] () Task: {0A137D08-3D6E-4B59-828C-0AE8B99EAA6D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-440041499-1871656134-578955171-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {0EA6C14F-4C44-4A0D-B401-B1AB0989B517} - System32\Tasks\{B9AC5CA2-68F7-4A0E-A646-8B11D359ED1A} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/en/go/help.faq.installer?LastError=1603 Task: {1E9F8E8D-17B6-47A6-8AD6-D8032D785849} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {2679BDB8-5AA4-40A2-9468-38BF4DBDB939} - System32\Tasks\{003FA240-C956-4E65-8B25-03F9F343A6CD} => Firefox.exe http://ui.skype.com/ui/0/6.7.0.102/en/go/help.faq.installer?LastError=1603 Task: {499CA31E-4D31-4DC2-BFB6-9CE659311C83} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - bob marley => C:\Program Files (x86)\LTCM Client\ltcmClient.exe Task: {4C2DBA64-B7F6-48A5-B466-5C1E0D889D90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated) Task: {69AD9D3A-9D64-41E6-A87C-4CA78E941D60} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-17] (AVAST Software) Task: {7CC29E7C-3760-459F-BB6B-2312CEB402A8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-440041499-1871656134-578955171-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {8B385B10-4E34-48F1-B817-6F4A2754F681} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A0A05C13-6187-4687-B7E9-1E6CE6F00859} - System32\Tasks\AdobeAAMUpdater-1.0-bobmarley-PC-bob marley => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated) Task: {B9EC63BD-58B3-42C5-B956-9B2FA7A2A33A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-440041499-1871656134-578955171-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {CF472F80-CB89-42EC-96CE-1D2D8E36FA97} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-440041499-1871656134-578955171-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-07 23:19 - 2013-02-09 18:04 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-17 20:05 - 2014-02-13 12:09 - 05087584 _____ () C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.exe 2014-06-17 20:05 - 2013-05-22 20:05 - 00537400 _____ () C:\Program Files (x86)\SpyShelter Firewall\RsltView.exe ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:905844AA ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2014 08:43:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0xefc Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:42:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0x1194 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:40:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0x398 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:38:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0x3d8 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:36:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0xad0 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:35:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0xb44 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:34:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0x12d8 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:33:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0xb24 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:33:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0x132c Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (07/08/2014 08:17:29 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. System errors: ============= Error: (07/08/2014 08:19:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (07/08/2014 08:19:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/08/2014 08:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (07/08/2014 08:14:17 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (07/08/2014 08:14:16 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office Sessions: ========================= Error: (12/06/2011 04:48:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 93995 seconds with 7320 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 42% Total physical RAM: 4094.49 MB Available physical RAM: 2343.57 MB Total Pagefile: 8187.12 MB Available Pagefile: 6271.41 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:148.91 GB) (Free:22.94 GB) NTFS Drive e: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:371.96 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 41AB2316) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 932 GB) (Disk ID: A60E8A81) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================ I have no idea what any of that data means so whoever is wiling to help me out there will be much positive energy and karma headed your direction. Thank you to anyone who can help me with this problem.
  3. I had to do a system restore on my computer because of some issues I had with another program. When the computer restarted, I got an error message in Malwarebytes. When I opened the dashboard, it says in large letters "Your system is not fully protected" and lower down, there is a red x which says "Malicious website protection disabled". Also on the top is the button that says "Fix Now". When I press Fix Now, nothing happens. When I go to settings, under Detection and Protection, I saw that Malicious Website protection was indeed disabled, so I checked off the Enabled button. The message on the dashboard did not change. I also checked under Advanced Settings, and Enable Malware Protection when Malwarebytes starts and Enable Malicious Website Protection when Malwarebytes starts are both checked off. I rebooted the computer. When Malwarebytes started up, there was the same message, and in addition, under Detection and Protection, Malicious Website protection was Disabled again. So I'm not sure what todo at this point.
  4. When submitting a support request using the web form for business support, the page redirects to a 500 error. There is no confirmation email. The content of my support message follows. Please also note the high CPU usage in the attached image along with the referenced memory issue.
  5. I have the problem malwarebytes is stop working when I press Update Here is the picture. here is mbam-check result mbam-check result log version: 2.1.1.1001========================================User Account type: AdministratorOS: Windows 8.1 64 bit Operating SystemCurrent Version and Build: 6.3.9200.0 Malwarebytes Anti-Malware: 2.0.2.1012Installed On: 2014/07/06Malware Database: 2014.03.04.09Rootkit Database: 2014.02.20.01Remediation Database: 2013.10.16.01IP Database: 0000.00.00.00Domain Database: 0000.00.00.00License: TrialMalware Protection: 4 (The service is running.)Malicious Website Protection: 4 (The service is running.)Chameleon: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleonLog Created: 2014/07/06 13:31:18Compatibility Flag Settings:=================================HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exeREG_SZ ~ WIN8RTM E:\100orange\100orange.exe REG_SZ ~ WIN8RTM E:\SteamLibrary\SteamApps\common\Saints Row IV\SaintsRowIV.exeREG_SZ ~ WIN8RTM E:\Nitroplus\
  6. Hello, today after a system restore, I tried open malwarebytes and got an error... it looked like this I proceded to hit ok and this pops up I hit {ok} and the errors disappear... I then try and delete and re-download.. but according to the control panel.. I don't have some unins000 file but i look in my programs file and it was there.. I hope this helps with development and if you could post below the actions i could take from here that would be great! thanks for reading this, and have a good one!
  7. I keep getting this error and I have tried a multitude of options to clear it up. I have uninstalled & reinstalled Malware Bytes twice, cleared all the files, Ran CC Cleaner, reinstalled, reboots, the whole 9 yards. I came across this forum & saw another thread where it was suggested to download Farbar Recovery, which I did. I copied the logs per the instructions but it won't let me reply back to that post so here is another one. I have the logs but didn't want to post them yet. I ran the one for my system, (32 bit) so now I am at a stumbling block. Please help! Incidentally, I also have errors in accessing my docs from gmail to attach to emails and something upon startup that my PC Fax (which I forgot was even on computers anymore) has issues. Also, I sign in using Credant Shield and it's been telling me for a month now that I am an unmanaged user. Below is the pic of the error. Ideas?? Runtime Error pic.bmp
  8. When trying to run a MalwareBytes Anti-Malware scan on a Remote Desktop I am met with the following error: "SDKDatabaseLoadDefaults failed with code: 2" Tried restarting MalwareBytes, no luck. Any suggestions? Thanks.
  9. Hi all, I just got back from vaca and powered on my PC. Malware bytes said it downloaded a new version and needed to install. OK no problem. Boom popup saying I need to log in as administrator (see image). So I closed it out and right-clicked and clicked on "Run as Administrator" and still the same issue. I'm running Windows 8.1 fully updated and my account is the only account on this PC. I've never had trouble installing an upgraded version in the past. Any ideas?
  10. Hello! This Is My First Post About Having Problems With MBAM. Well, I Turned On My PC.... First Message Was From ESET Saying That I Have To Renew My License Because It Will End Within 12 Days... Ok.... So Far I Think It Is Good... I Closed The Message From The OK Button.. Then MBAM Started As Usual As A Task.. After A Few Seconds A Message Came Up Saying That Driver RootkitDDA Could Not Be Loaded and That It Is A Common Phenomenon (or something) Caused By Rootkits. I Selected To Restart... Before Windows Shutting Down Screen Another Message Came Up Saying SDKCreate Failed With Code 20025 Then It Restarted... When It Logged To My Windows User Account There Was Just A Black Screen And MBAM Scanning.. I Accidentally Hit The Minimize Button And I Couldn't See Scanning Process.. I Was Unable To Bring It Up Because There Was No Taskbar... I Tried To Start explorer.exe From TaskManager (Ctrl+Shift+Esc) But It Wouldn't I turned It Off From The Power Button.. Turned It On Again But Now The Driver That Couldn't Be Loaded Was Anti-Rootkit (Same Error Code: 20025) It Was Asking Me To Continue Scanning Without This Driver But I Clicked The Close Button. After A Minute or so, A Message Came Up Saying That There Is A New Update For MBAM and I don't Think That There Is A New Update Because Yesterday I Was Running The Latest Version (Both GUI and Database) Any Help Would Be Appreciated My System Is: Dell Optiplex GX620 SFF Pentium D 820 @ 2.79Ghz (Not Overclocked) 1GB RAM VGA 250MB (224 When I Had XP Installed) DirectX11 (DirectX 9 When XP Was Installed) Windows 7 Ultimate 32 Bit Activated Antivirus Software: NOD32 & Malwarebytes AntiMalware Other Software: Visual Studio, CCleaner, CS 1.6 NON-VALVE,VLC, μΤοrrent, Guitar Pro 5, Paint.NET, Firefox
  11. I purchased Malwarebytes in October of last year. I haven't scanned my computer in awhile, however, it is always running in the background. Recently, I have tried to scan my computer and I keep getting an error. (see below). This is making me believe I have a virus on my computer. Please help! I want to be able to scan my computer to keep it safe. Thank you! Crash info: Problem signature: Problem Event Name: APPCRASH Application Name: mbam.exe Application Version: 1.0.0.532 Application Timestamp: 53518532 Fault Module Name: MSVCR100.dll Fault Module Version: 10.0.40219.325 Fault Module Timestamp: 4df2be1e Exception Code: 40000015 Exception Offset: 0008d6fd OS Version: 6.1.7601.2.1.0.768.3 Locale ID: 1033 Additional Information 1: 8374 Additional Information 2: 83748d7ce6919cf452bf5c3838e036f3 Additional Information 3: 2e01 Additional Information 4: 2e01b10c887fd7f971b05773252074eeFRST.txt Addition.txt
  12. mbamchameleon is filling my System event log - ~32000 items in the past week and a half - with errors like "Mbamchameleon Failed to obtain file name information - C000000D", "Mbamchameleon Failed to obtain file name information - C00000BE", "Mbamchameleon Failed to obtain file name information - C0000034", and "Failed to verify the digital signature for \??\C:\Program Files\Windows Defender\MpCmdRun.exe " Just now:
  13. I'm constantly getting a Malwarebytes error message saying my databases are out of date. I click Update Now and get nothing. I try to remove and it returns. How do I get rid of this message?
  14. Hey I got some virus again on my PC that runs on Win 8 and it seems to mess up my registry since Rundll error pops up every time I turn on the systém. I've conductet scan via FRST this is result post first scan and in attached files is addition txt. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014 Ran by tomas_000 (administrator) on TOMAS on 28-04-2014 11:34:21 Running from C:\Users\tomas_000\Desktop Windows 8 (X64) OS Language: Czech Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor) HKLM\...\Run: [btServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.) HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI) HKLM\...\Run: [sCM] => C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd) HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [blueStacks Agent] => c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1699877965-1772311906-267468670-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-1699877965-1772311906-267468670-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1699877965-1772311906-267468670-1002\...\MountPoints2: {2c7e839b-00ed-11e3-be78-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe HKU\S-1-5-21-1699877965-1772311906-267468670-1002\...\MountPoints2: {a1232edd-6ef0-11e3-be94-240a644aa602} - "G:\SETUP.EXE" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.) Startup: C:\Users\tomas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jbfrxhb.lnk ShortcutTarget: jbfrxhb.lnk -> C:\PROGRA~3\bhxrfbj.gsa (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com SearchScopes: HKLM - DefaultScope {004887DC-5E12-420E-ABBD-4542392F48A2} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM - {004887DC-5E12-420E-ABBD-4542392F48A2} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM-x32 - {004887DC-5E12-420E-ABBD-4542392F48A2} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKCU - DefaultScope {004887DC-5E12-420E-ABBD-4542392F48A2} URL = SearchScopes: HKCU - {004887DC-5E12-420E-ABBD-4542392F48A2} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 18 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 FireFox: ======== FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @kb-ext.cz/PKIComponent - C:\Users\tomas_000\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.) Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-28] CHR Extension: (Disk Google) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-28] CHR Extension: (YouTube) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-28] CHR Extension: (VyhledávánĂ­ Google) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-28] CHR Extension: (avast! Online Security) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-28] CHR Extension: (Peněženka Google) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-28] CHR Extension: (Gmail) - C:\Users\tomas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-28] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-28] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software) S2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-08] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-08] (BlueStack Systems, Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] () R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.) S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-26] () R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-28] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-28] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-28] () R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.) R2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-08] (BlueStack Systems) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-28] (Disc Soft Ltd) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation ) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-28 11:34 - 2014-04-28 11:34 - 00019844 _____ () C:\Users\tomas_000\Desktop\FRST.txt 2014-04-28 11:34 - 2014-04-28 11:34 - 00000000 ____D () C:\FRST 2014-04-28 11:31 - 2014-04-28 11:31 - 02061824 _____ (Farbar) C:\Users\tomas_000\Desktop\FRST64.exe 2014-04-21 05:31 - 2014-04-24 22:28 - 00000000 ____D () C:\ProgramData\2992199F9A 2014-04-12 21:21 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-12 21:21 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-12 21:21 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe 2014-04-12 21:21 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-04-12 21:21 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2014-04-12 21:21 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2014-04-12 21:21 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-04-12 21:21 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-04-12 21:21 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2014-04-12 21:21 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-04-12 21:21 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-12 21:21 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-12 21:21 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-04-12 21:21 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-04-12 21:21 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml 2014-04-12 21:21 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2014-04-12 21:21 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-12 21:21 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-04-12 21:21 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-04-12 21:21 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-12 20:18 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-12 20:18 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-12 20:18 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-12 20:18 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-12 20:18 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-04-12 20:18 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-04-12 20:18 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-12 20:18 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-12 20:18 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-12 20:18 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-12 20:18 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-12 20:18 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-12 20:18 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-12 20:18 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-12 20:18 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-04-12 20:18 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-12 20:18 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-12 20:18 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-09 14:21 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 14:21 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-04-09 14:21 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-04-09 14:21 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-04 14:11 - 2014-04-04 14:11 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler ==================== One Month Modified Files and Folders ======= 2014-04-28 11:34 - 2014-04-28 11:34 - 00019844 _____ () C:\Users\tomas_000\Desktop\FRST.txt 2014-04-28 11:34 - 2014-04-28 11:34 - 00000000 ____D () C:\FRST 2014-04-28 11:34 - 2013-10-03 16:10 - 00037564 _____ () C:\Users\tomas_000\AppData\Local\BTServer.log 2014-04-28 11:31 - 2014-04-28 11:31 - 02061824 _____ (Farbar) C:\Users\tomas_000\Desktop\FRST64.exe 2014-04-28 11:30 - 2013-10-03 16:49 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-28 11:23 - 2013-10-03 16:07 - 01203466 _____ () C:\Windows\WindowsUpdate.log 2014-04-28 11:21 - 2013-04-28 01:51 - 00000000 ____D () C:\ProgramData\Realtek 2014-04-28 11:14 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-04-28 11:13 - 2014-03-28 05:57 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-26 17:25 - 2013-10-03 16:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1699877965-1772311906-267468670-1002 2014-04-26 16:45 - 2014-03-28 05:57 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-26 16:45 - 2013-04-28 01:49 - 00000000 ____D () C:\ProgramData\Bigfoot Networks 2014-04-26 00:26 - 2013-10-04 01:09 - 00000000 ____D () C:\Users\tomas_000\AppData\Local\CrashDumps 2014-04-25 22:46 - 2013-11-05 22:22 - 00000000 ____D () C:\Users\tomas_000\AppData\Roaming\TS3Client 2014-04-25 22:06 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-25 22:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-04-24 22:28 - 2014-04-21 05:31 - 00000000 ____D () C:\ProgramData\2992199F9A 2014-04-24 22:28 - 2013-10-03 16:11 - 00000000 ___RD () C:\Users\tomas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-18 21:04 - 2014-03-19 05:35 - 00000222 _____ () C:\Users\tomas_000\Desktop\Wargame Red Dragon.url 2014-04-18 08:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-04-16 18:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-04-16 14:37 - 2013-10-03 16:11 - 00000000 ___RD () C:\Users\tomas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-16 14:36 - 2013-02-22 09:00 - 01331294 _____ () C:\Windows\PFRO.log 2014-04-16 14:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData 2014-04-16 14:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-04-15 13:49 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-14 17:22 - 2013-10-08 15:41 - 00395264 ___SH () C:\Users\tomas_000\Desktop\Thumbs.db 2014-04-13 20:26 - 2013-11-29 00:43 - 00000000 ____D () C:\Users\tomas_000\AppData\Local\Game Dev Tycoon - Steam 2014-04-10 23:38 - 2013-11-30 00:10 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-04-10 03:04 - 2013-10-05 16:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 03:02 - 2013-10-05 16:07 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-04 14:11 - 2014-04-04 14:11 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler 2014-04-03 17:37 - 2013-10-03 16:07 - 00000000 ____D () C:\Users\tomas_000 2014-03-31 23:18 - 2013-11-16 21:39 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-31 23:18 - 2013-11-16 21:39 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-31 05:08 - 2014-03-28 05:57 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-31 05:08 - 2014-03-28 05:57 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-30 02:42 - 2013-10-03 16:42 - 00000000 ___RD () C:\Users\tomas_000\Desktop\PC Stuff Some content of TEMP: ==================== C:\Users\tomas_000\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-27 11:54 ==================== End Of Log ============================ Addition.txt
  15. Hi,s I had malwarebytes pro and it wouldn't open, did a full scan with avast nothing detected, so I assumed the program had gone a bit funny. I Uninstalled it and tried to download it again, but it keeps coming up with errors such as: Internal error: Expression error 'Runtime Error (at 57:177): External exception E06D7363. and Runtime Error (at 49:252): External exception E06D7363. Could this be malware or a virus? Or is it a conflict of programs? I use Malwarebytes Pro, Avast Pro and zonealarm firewall.
  16. I can't install MBAE because of a error that requires 110.dll Is this normal? Running Windows 7 starter with MBAM, Avast, and windows firewall.
  17. Dear Admin, I am not unable to uninstall my MBAM PRO, everytime I try uninstall it, it will show the error as on the image shown as attachment. CCleaner also not able to uninstall as same error code appears. Please help.
  18. hello, i have been using Malwarebytes Aint-malware 2.0 on 2 of my PCs and on both i get "Error: Malwarebytes was unable to load the Anti-Rootkit Driver. Error codeL 20025? I am running windows 8.1 does that have something to do with this? thanks
  19. Hi there! Im a first-timer on these forums, so I apologize if I'm sort of naïve to the workings around here. But to get to my problem, I've recently came across a two-fer of problems on this computer. It started with what I believe is adware, and I'm still having issues removing it despite trying MalwareBytes, and many other antiviruses as well as rootkit killers(?). I'm not too worried about that right now, as I have another problem that has wreaked havoc and barely lets me use my computer for more than 10 minutes at a time. It doesn't seem to have any correlation with certain programs, but I keep getting an error message that says "Plug and Play/DCOM service has terminated unexpectedly and must now restart." or something along those lines. Sometimes it wont give me a reason and it just says "Windows will shut down in 1 minute" and it will proceed to restart. It can happen immediately when I log onto my computer up to an hour or so after I've logged in and I've been going about my business, but there's no doubt it will happen multiple times in a day no matter what I do or when it happens. It usually happens every 10 minutes. Is there any way to fix this? I use my computer for work so I can't let this keep happening, and I'm not about to reformat it just yet. Thanks in advance for any advice or fixes!
  20. When I install Malwarebytes on my Windows Professional 64bit SP1 with the latest version there is always the rules.def file not installed. The system asks if I want to update from the internet (as "database is corrupt or missing") and then starts downloading. Still, after the download the rules.def is never be installed in the "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware" directory. I also tried to copy the rules.def (and even all files in the path above) from another computer (where everything runs smoothly) but every time I start MBAM the rules.def is deleted and the systems asks to download a new database. Again, the systems downloads from the internet but is never able to create the rules.def (getting a PROGRAM_ERROR_LOAD_DATABASE error)! I'm running Avast 7 but I don't see a any blockages here. The solution in the FAQ does not work as there is no rules.def in the directory resp. it is alyways deleted when I copy it there. I run also mbam-clean.exe but also no success. It makes me want to tear my hear out! Any ideas?
  21. Hey everyone! Today I decided I'll set up a virtual machine and do some malware hunting. I've downloaded VirtualBox and went through the steps of setting it up. I've run into the first error immediately, which was "No bootable medium found", but I solved that one. Now, I get "CDBOOT: Couldn't find NTLDR" everytime I start up. I googled around, but didn't find anything meaningful. Hope someone can help me. Mateotis
  22. I've been having some trouble with my computer; it switches MY browser for suspicious ones, my computer is acting super slow (for my computer anyway), so I tried to delete the weird browser and it won't let me. My cousin suggested that I download Malwarebytes, and now I'm pretty sure that the malware is preventing me from getting the anti-malware software on my computer. All I'm getting is error messages. I don't know what to do. It's frustrating because my computer has never been buggy before. Need help.....
  23. RUNDLL _WHNSKE.init problem. The specified module could not be found. This is happening when I connect flash drive to my system. A shortcut is getting created and when I double click it to open, above mentioned error occurs. Can you help?
  24. I was infected by a virus recently and I used malwarebytes to clear it up but now when I right click on anything in my windows I get a RunDLL Error message saying { "there was a problem starting C:\Users\Mommy\AppData\Local\Temp\stnwcpq\svaubdr\wow.dll The specified midule could not be found. " } What does this mean?...I know it's obviously bad and how can I get rid of it?
  25. Ok, so I got my computer to a good point to where I can use it, but I wanted to use my Malwarebytes to clean the rest up, and I tried to run it and I get this Error: Run Time Error 339 Component ieframe.dll or one of its dependancies is not correctly registered: a file is missing or invalid. What do I do to fix this so I can run the program?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.