Showing results for tags 'Hangs'.

Found 22 results

  1. PC running Windows 7 will not shut down with Malwarebytes Ransomware enabled. I also have Norton 360 which plays nicely with Malwarebytes Premium. I have worked with support and sent replies and logs as requested without a fix. The last email requested I submit this information to Engineering which I highly doubt exists since there have been no fixes either for myself or others reporting the same problem as far back as 2018.
  2. I was sent here from https://forums.malwarebytes.com/topic/254035-mwb-scan-hangs after they could not figure out the problem and thought you'd be interested. I am experienced with computers and do not believe I have a malware problem but it is curious MWB scan hangs during the file scan phase although the timer advances. You can see various things have been tried, cleanups done, etc. but there is still a problem with the scan. Anyone care to try to figure this out?
  3. It actually was hanging up too but I have yet to re-up my premium account status and follow up on troubleshooting as I have been swamped with work. I will get to it this weekend.
  4. I have never had or suspected a virus or malware issue on my machine. It's old. Used to be Win 7 and now Win 10. This all started with me being excited about the new MWB 4.0 so I installed and ran a scan. SCAN NEVER COMPLETES. Timer continues but scan has stopped in various places including Checking for updates section once and other places but usually in the file scan (last) section. Previous MWB help could not solve and suggested I go here due to this and other things they saw which I suspect are harmless and due to other protective software I use and have used. I uninstalled AVAST and enabled and ran Windows Defender to find nothing except the EICAR virus test file I have. I reran the MWB installer and reran scan. Again, hung. This time on last section item 164,161 (this varies). I ran FRST64.exe and attached logs. Thanks for your help. Very odd the scan will not complete. FRST.txt Addition.txt
  5. I am a premium home subscriber. I am using an up-to-date 64-bit version of Windows 10. A popup window alerted me that a Malwarebytes update to version 3.4 was available. I clicked to download the update and enabled changes to my computer. The installation window opened and the progress bar remained at zero. In Task Manager, I could see two 32-bit installation processes running, but neither was using any CPU time. I killed the processes, downloaded a new installation package and tried to reinstall, with the same result. Help! mb-check-results.zip
  6. When I install Malwarebytes Premium it will eventually cause Chrome to hang (apparently). Other programs continue to function but Chrome becomes unresponsive. Has anybody else seen this behavior? The only cure I have found is to uninstall MBAM. Sophos is also running and is reporting no problems. Windows Defender is also happy with my config.
  7. OS: Windows 10 Pro 32 Bit (Updated) Antivirus: Avira Free Antivirus (updated) Firewall: Comodo Firewall 10 (updated) Asus Notebook working. Problem encountered during a simple routine check (other on-demand control / cleaning programs, and the same Avira, have never detected infections). Malwarebytes 3: the threat scan is completed without detecting any infection. Malwarebytes 3: custom scanning, with all available options (and only the disk where the operating system is installed) selected, after about an hour, hangs the computer. The monitor starts flashing and, then, the screen becomes black (black screen). I must therefore brutally shut down the machine (hard reset). Completely removed Malwarebytes 3, then I installed Malwarebytes Anti-Malware 2.2.1 and I tried again. The above reported problem (with no other mutations in the system) does not occur with the Malwarebytes Anti-Malware 2.2.1 version: scanning (even with the same settings as Malwarebytes 3) is regularly completed (detecting even the same PUPs), although it takes more than three hours. The disks control did not reveal any problems. Now I'm using version 2.2.1. Thank you for your attention and excuse my English! Greetings from Italy.
  8. My main MS Word editing machine is an older Dell laptop (XPS L702X) running Windows 7--Dell informs me it can NOT be upgraded to Windows 10 due to not being supported via drivers, etc. Of course I found this after giving Windows 10 a try last summer, and after finding the fan ran continuously, backed out and reverted to Windows 7 again. I've been using the free version of Malwarebytes for ages on 5 household machines which consist of two Windows 10 Dell and Acer laptops (all purchased within the last 6 months), an older Toshiba laptop running Windows 8.1 and a Dell XPS desktop system about 3 years old running Windows 10, plus this errant machine. When MWB 3 came out, I was impressed by how well it worked on two of the Windows machines and decided to purchase licenses for the full versions: I now have a 5 license paid version of Malwarebytes 3.x. This new version is installed on the Windows 10 desktop (runs flawlessly), the new Dell Windows 10 laptop (runs flawlessly) and this problematic older Dell laptop running Windows 7. Each scan I run, either the default or a custom including root kits and limited to the C drive, will hang between 30k and 65k files scanned. It just stops and will spin endlessly on some random file. Sometimes but not always, memory will get jammed when it hangs and it becomes very difficult to close an open browser that's been sitting idle and reboot the machine. Attached are the required files. Hope this information is helpful. I may have to revert to the Malwarebytes 2.x version. Will my new license work with that version? JW_MBAM_LOGS.zip MB-CheckResult.txt Addition.txt FRST.txt
  9. After upgrading to Malwarebytes (MB) 3.0.6 Premium, a scan would hang (stop processing) on a few files (i.e. item 517 or 518 or etc.) if rootkits were included in the scan. Googling this issue led me to think it had something to do with Macrium Reflect (MR) Backup Software. When I upgraded MR from version 6 to version 7, I thought the problem would go away. Not the case as the problem persisted. Followed all the advice from MB Support but to no avail. Then one day, a patch was available for MR. MB scan with rootkit successfully executed. I thought the problem was fixed BUT after a reboot the problem came back. I was more convinced though that the issue had something to do with MR. A few days ago, I got an Event ID 4 with the Source as FilterManager in my Event Viewer. The error said "failed to attach to volume \Device\HarddiskVolumeShadowCopy8". In researching this issue I came across a message thread relating to Macrium Reflect VSS error troubleshooting. The MR troubleshooting document shared many potential fixes. One of the fixes was easy to execute. It said to turn the "VSS Service" from Manual to Automatic. After doing this, BINGO, a MB scan with rootkits enabled executed successfully. It has been repeatable over multiple reboots and various other non-related tasks. So the fix is holding. Either just turning the VSS Service from Manual to Automatic is THE fix OR it's a fix in combination with the various MR version 7 patches. MB Support is aware of this solution. Maybe I was the only one who had this issue but in case there are others, thought I'd share this solution.
  10. I previously posted in early February that Malwarebytes 3.06 would hang when scanning with rootkits enabled. Malwarebytes support had been looking into the issue for many weeks. In the end, the issue was related to a conflict between Malwarebytes and Macrium Reflect Backup Software. Macrium Reflect released a series of patches to their new updated version 7 software. An unrelated patch to this software released March 16th, 2017 fixed the issue. With Macrium Reflect updated to v7.0.2079, the issue has been resolved. I've passed information to the Malwarebytes support folks so they at least know how this conflict arose.
  11. I have Malwarebytes Premium 3.0.6.1469. Every time I try to do a custom scan it hangs after about an hour or so. Each time it seems to be on a different file. I have tried disabling rootkit scan. I have removed it and re-installed. I have used TFC.exe to clean the PC. All of these to no avail. I have attached all the log files and scan results asked for - can someone help please? FRST.txt Addition.txt MB-CheckResult.txt MAWB screeshot.docx MAWB logs.zip
  12. Malwarebytes Premium 3.0.5 was downloaded and installed today. When first run progressed to Scan File System but failed to complete. Manually aborted the program. Deleted temporary files per Google search recommendation then rebooted. Second run progressed in Scan File System to item 56,535 and is still there after 1.5 hours. See attached file. What do you advise to resolve? Malwarebytes dashboard GaryReed 20170117.docx
  13. This MBAM 3.0.4 feels definitely not ready for prime time in many many ways.... On my machine running Win 7 64-bit SP1 with an i7 processor, loads of memory (32gb) and SSDs - after installing 3.0.4 over existing 2.x (latest/licensed), my machine (and I believe others that I am helping people with) experience very long shutdown times: 4 minutes and 38 seconds on my machine with just 'Windows is Shutting Down'. Really unacceptable! I uninstalled MBAM. Shut down: less than 5 seconds. Takes 24 seconds from pressing power to Windows logon screen (which includes about 11 seconds of the bios stuff before windows starts to load). Re-installed MBAM, first shutdown 18 seconds. Reboot, and used Chrome browser for few minutes. Shutdown - again takes 4 minutes and 38 seconds! (I'm using smartphone stopwatch - it's the same unacceptable time to shutdown!) (I'm having issues with other computers I support as well - super long time to boot up, unresponsive after install of MBAM 3.0.4.)
  14. So I scanned with Malwarebytes and it gives me a notice about backdoor.bot every time I open a new tab on Chrome or even start a new window. Now I can't access Chrome as it will not respond and I'm afraid that I need to wipe off my whole hard disk. This is the FRST.txt
C:\Windows\SysWOW64\RzStats.IPC.dll 2014-12-19 03:15 - 2014-12-19 03:16 - 00000076 _____ () C:\Users\Jonard\Desktop\New Text Document.txt 2014-12-17 00:29 - 2014-12-17 00:29 - 00000208 _____ () C:\Users\Jonard\Downloads\Wireless (9).htm 2014-12-13 17:51 - 2014-12-13 17:51 - 00010452 _____ () C:\Users\Jonard\Downloads\[kickass.so]american.hustle.2013.720p.brrip.x264.yify.torrent 2014-12-12 06:23 - 2014-12-12 06:23 - 00000000 ____D () C:\ProgramData\GZ 2014-12-12 02:01 - 2014-12-12 02:01 - 00019514 _____ () C:\Users\Jonard\Downloads\[kickass.so]inglourious.basterds.2009.720p.brrip.x264.yify.torrent 2014-12-10 03:54 - 2014-12-10 03:54 - 00000000 ____D () C:\Users\Jonard\AppData\Local\RzStats 2014-12-08 21:24 - 2014-12-08 21:24 - 00260888 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-07 04:31 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\Globalization 2015-01-07 04:25 - 2013-04-07 17:32 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\Skype 2015-01-07 04:10 - 2013-04-06 00:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-07 03:44 - 2014-08-08 23:46 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-07 03:41 - 2013-04-07 16:10 - 00000000 ____D () C:\Program Files\Call of Duty- Modern Warfare 3 2015-01-07 03:23 - 2013-04-06 02:28 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-07 03:19 - 2013-08-13 18:03 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonard-PC-Jonard Jonard-PC 2015-01-07 03:19 - 2009-07-14 15:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-07 03:19 - 2009-07-14 15:45 - 00021472 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-07 03:16 - 2014-09-23 02:53 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\IDM 2015-01-07 03:15 - 2013-04-05 23:20 - 01639953 _____ () C:\Windows\WindowsUpdate.log 2015-01-07 03:14 - 2014-10-15 18:18 - 00003756 _____ () C:\Windows\System32\Tasks\AutoKMS 2015-01-07 03:14 - 2014-10-08 17:39 - 00000000 ____D () C:\Users\Jonard\AppData\Local\CrashDumps 2015-01-07 03:14 - 2013-04-06 00:52 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-07 03:07 - 2014-10-06 21:06 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Jonard 2015-01-07 03:07 - 2013-05-10 23:13 - 00000000 ___RD () C:\Users\Jonard\Google Drive 2015-01-07 03:07 - 2013-04-06 00:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-07 03:07 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-07 03:06 - 2013-06-07 00:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-07 02:59 - 2013-04-25 12:56 - 00000000 ____D () C:\Program Files (x86)\RocketDock 2015-01-07 02:51 - 2013-07-07 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope 2015-01-07 02:50 - 2013-06-02 18:07 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\Antares 2015-01-07 02:50 - 2013-06-02 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies 2015-01-07 00:20 - 2013-04-07 21:01 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\vlc 2015-01-07 00:16 - 2013-04-08 13:22 - 00007599 _____ () C:\Users\Jonard\AppData\Local\resmon.resmoncfg 2015-01-07 00:14 - 2014-02-22 15:27 - 00000000 ____D () C:\Windows\Minidump 2015-01-07 00:14 - 2013-04-06 15:09 - 00000000 ____D () C:\Windows\Panther 2015-01-07 00:14 - 2013-04-06 10:01 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\DAEMON Tools Pro 2015-01-07 00:14 - 2013-04-06 01:55 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\uTorrent 2015-01-06 
17:43 - 2014-07-10 02:32 - 00139264 _____ () C:\Users\Jonard\Downloads\StartD2MP (7).exe 2015-01-06 02:29 - 2013-04-06 02:03 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\DMCache 2015-01-04 15:22 - 2013-04-06 02:03 - 00000000 ____D () C:\Users\Jonard\Downloads\Compressed 2015-01-04 04:18 - 2013-08-01 19:44 - 00000000 ____D () C:\Users\Jonard\AppData\Roaming\Spotify 2015-01-03 22:40 - 2013-04-06 01:35 - 00037810 _____ () C:\Windows\system32\lvcoinst.log 2015-01-03 17:05 - 2014-02-09 21:31 - 03849596 _____ () C:\Users\Jonard\Downloads\cudaminer-2014-02-04.zip 2015-01-03 15:08 - 2013-08-01 19:44 - 00000000 ____D () C:\Users\Jonard\AppData\Local\Spotify 2015-01-03 14:59 - 2014-08-08 23:45 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-01-03 14:59 - 2014-08-08 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-01-03 14:59 - 2014-08-08 23:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-01-02 19:30 - 2013-04-06 02:03 - 00000000 ____D () C:\Users\Jonard\Downloads\Video 2015-01-02 16:18 - 2009-07-14 16:13 - 00781302 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-01 23:51 - 2009-07-14 16:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-30 17:21 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-12-20 15:25 - 2013-04-08 22:21 - 00000000 ____D () C:\Users\Jonard\Documents\My Games 2014-12-19 20:24 - 2013-04-07 17:32 - 00000000 ____D () C:\ProgramData\Skype 2014-12-19 20:23 - 2013-04-07 17:32 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-19 03:16 - 2014-09-11 00:48 - 00000000 ____D () C:\Users\Jonard\Desktop\New folder ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-04 03:12

==================== End Of Log ============================

And my Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Jonard at 2015-01-07 04:49:25
Running from C:\Users\Jonard\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them.
The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Algebrator 5.1 rc1 (HKLM-x32\...\Algebrator_is1) (Version: - Softmath Inc) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Assassins Creed IV Black Flag version 1.0.0.0 (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.0.0 - RePack by SEYTER) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies) AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB) BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - ) BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games) Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{8432E4EF-ABFB-48C8-B77B-24728E71D3DD}) (Version: 39.0.2171.46 - Google Inc.) Company of Heroes (HKLM-x32\...\Company of Heroes_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic) Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited) Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - ) Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland) Dead Space 
(HKLM-x32\...\Steam App 17470) (Version: - EA Redwood Shores) Dogecoin (HKU\S-1-5-21-929801286-2439710914-3047627991-1000\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin) <==== ATTENTION! Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve ) Driver Fusion (HKLM-x32\...\{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1) (Version: 1.6.0 - Treexy) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) f.lux (HKU\S-1-5-21-929801286-2439710914-3047627991-1000\...\Flux) (Version: - ) Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios) Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.) 
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games) League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile) Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI) Livestreamer 1.8.0 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mazaika 2.7 (HKLM-x32\...\Mazaika_is1) (Version: - Boris A. 
Glazer) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPRO) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
(HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE) Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios) Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{402E168F-CC02-11E3-812F-F04DA23A5C58}) (Version: 13.0.932 - Sony) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) NBA 2K13 
(HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports) NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports) NetWorx 5.2.7 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research) NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA CUDA Documentation 5.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocumentation_5.5) (Version: 5.5 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation) NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Nsight Visual Studio Edition 3.1.0.13141 (HKLM\...\{46665C63-E5FA-45FE-ACBC-C1B6A78483F3}) (Version: 3.1.0.13141 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) 
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 beta r2022 - ) Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 5.1.2 (HKLM-x32\...\RTSS) (Version: 5.1.2 - Unwinder) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden Sid Meier's Civilization V Brave New World (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uVg==_is1) (Version: 1 - ) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Sniper Ghost Warrior 2 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version: - ) Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-929801286-2439710914-3047627991-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version: - Firefly Studios) Symphony (HKLM-x32\...\Steam App 207750) (Version: - Empty Clip Studios) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version: - Arrowhead Game Studios) The T-Pain Effect Bundle (HKLM-x32\...\The T-Pain Effect Bundle_is1) (Version: 1.02 - iZotope, Inc.) TI-Nspire™ CAS Student Software (HKLM-x32\...\{F03A8756-7FCB-4DCD-9AC1-12C63A6075F1}) (Version: 3.9.0.463 - Texas Instruments Inc.) 
Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment) Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - ) Tracker (HKLM-x32\...\OSP Tracker) (Version: 4.82 - Open Source Physics) Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte) Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote) Unity Web Player (HKU\S-1-5-21-929801286-2439710914-3047627991-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WTFast 3.2 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.2.12.259 - Initex & AAA Internet Publishing) XBMC (HKU\S-1-5-21-929801286-2439710914-3047627991-1000\...\XBMC) (Version: - Team XBMC) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points ========================= 07-01-2015 03:18:55 Installed AVG 2015 07-01-2015 03:19:13 Installed AVG 2015 ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {027A7BED-2665-4887-87D7-0DE6DDF4F1E8} - System32\Tasks\{4F96AF2A-D01B-403C-B324-A91ECEAC2489} => pcalua.exe -a "C:\Users\Jonard\Downloads\StartD2MP (1).exe" -d C:\Users\Jonard\Downloads Task: {03BB3A88-FE9F-4584-96DC-90475A8D7221} - System32\Tasks\{1936A6A7-1E99-48D2-B5A3-97B3B8D078DD} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Dependencies\dotnetfx35.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Dependencies" Task: {0B1C0290-6CA4-44FE-A64D-35DB55BB8A9B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {0FC7B48F-7961-4E91-A9D0-A436D3721979} - System32\Tasks\{B7E5F235-6C5C-410E-9B6F-208D40F3984A} => pcalua.exe -a C:\Users\Jonard\Downloads\Programs\vcredist_x86.exe -d C:\Users\Jonard\AppData\Roaming\IDM Task: {33BE316E-394C-4257-BB5F-B6A57F50349F} - System32\Tasks\{FC4DC3D0-4450-4E86-A1CA-AAEE51AD25A7} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2" -c /register Task: {348D2F6E-7523-4C86-AB41-2F5B11B4861C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {3A476F30-9402-4FDA-B04A-7AAE2D9FDA21} - System32\Tasks\gg_uac_daemon_Jonard => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2013-07-10] () Task: {3D95F4D2-DC62-42F3-9EA4-50002DBCA283} - \EPUpdater No Task File <==== ATTENTION Task: 
{3DFB0315-65A0-4D4D-B8AA-DA93CC5A0543} - System32\Tasks\Core Temp Autostart Jonard => C:\Program Files\Core Temp\Core Temp.exe [2013-03-01] () Task: {599F3D7A-7DD6-4F2D-B44D-2226A4D6F8FE} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION Task: {5AD0EC59-DA5F-4AAA-AD17-85554FE373EE} - System32\Tasks\{A60CB732-D086-419E-A40C-ACC34A8C627D} => pcalua.exe -a "C:\Program Files (x86)\TI Education\TI-Nspire CAS Student Software\TI-Nspire CAS Student Software.exe" Task: {648C69DD-8F51-416C-A875-8FACF7ACF232} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-22] (Piriform Ltd) Task: {70A13F36-D181-4ECD-A1F9-50F65172B73E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {7321B985-C18B-4B1E-9A0E-76D6E750B9DD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-02-04] () Task: {8F05BF14-3406-4C5F-A89A-925B479A6A61} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {928DD18B-AFFF-472D-ABA8-9D2591E5930B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.) Task: {B12F4381-C343-492B-8A8B-B954E88EB46F} - System32\Tasks\{426AAF4E-4F8E-49E4-9E1E-66EEE8343156} => C:\Program Files (x86)\Origin\Origin.exe Task: {BDA784CB-C82C-447E-845A-8595BBA343F3} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION Task: {C33B574E-D9E5-41B2-96E8-7C26AE0CDD10} - System32\Tasks\{BCF29404-194D-4D8B-B988-E0A660A39943} => pcalua.exe -a C:\Users\Jonard\Downloads\StartD2MP.exe -d C:\Users\Jonard\Downloads Task: {C343AC01-3D2C-4EFA-8329-63E44CD3E0A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.) 
Task: {C9159835-6F47-42BD-A72C-6E44563E6731} - System32\Tasks\{F3FEBC18-7421-4E69-83CF-B67320F5CC67} => pcalua.exe -a C:\Users\Jonard\Downloads\Programs\vcredist_x86_2.exe -d C:\Users\Jonard\AppData\Roaming\IDM Task: {D6FF7E9B-712D-4843-900B-BF2FF3EA2F05} - System32\Tasks\{DCB96D00-FCF6-416B-969D-3DB8DC065D0A} => C:\Program Files (x86)\Origin\Origin.exe Task: {EA4D3010-45FC-4638-8AFA-1AF4AE65CDE7} - System32\Tasks\{AB54B34A-497F-4283-9C81-74E6C3416CC8} => C:\Program Files (x86)\Origin\Origin.exe Task: {F06A138D-9ED8-43FD-AAA6-B35EE87F562D} - \BrowserProtect No Task File <==== ATTENTION Task: {FA5DF392-3A1E-41AB-9098-98DEF2E94965} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonard-PC-Jonard Jonard-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation) Task: {FE0C5078-5B8C-48C8-8F0D-BBC0902AFA5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Jonard\Downloads\RazerSurroundInstaller_v2.00.10.exe:BDU AlternateDataStreams: C:\Users\Jonard\Downloads\StartD2MP (7).exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Jonard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: MurGee.com Auto Clicker => C:\Users\Jonard\AppData\Local\Auto Clicker\AutoClicker.exe :silent MSCONFIG\startupreg: NetWorx => "C:\Program Files\NetWorx\networx.exe" /auto MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Razer Synapse => "C:\Program Files 
(x86)\Razer\Synapse\RzSynapse.exe" MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Spotify => "C:\Users\Jonard\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jonard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: uTorrent => "C:\Users\Jonard\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: WTFast Tray => "C:\Program Files (x86)\WTFast\WTFast.exe" trayonly ========================= Accounts: ========================== Administrator (S-1-5-21-929801286-2439710914-3047627991-500 - Administrator - Disabled) Guest (S-1-5-21-929801286-2439710914-3047627991-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-929801286-2439710914-3047627991-1002 - Limited - Enabled) Jonard (S-1-5-21-929801286-2439710914-3047627991-1000 - Administrator - Enabled) => C:\Users\Jonard ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. 
(Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 04:41:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2015 03:14:12 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: Chrome Remote Desktop Host -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2739. The arguments are: , , Error: (01/07/2015 03:12:55 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/07/2015 03:12:55 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: The search service has detected corrupted data files in the index {id=3800}. The service will attempt to automatically correct this problem by rebuilding the index. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (01/07/2015 03:12:35 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\43a5fc0dffa4a254749608452df27b6a\PresentationCore.ni.dll for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Razer Synapse because of this error. Program: Razer Synapse File: C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\43a5fc0dffa4a254749608452df27b6a\PresentationCore.ni.dll The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. 
Additional Data Error value: C0000185 Disk type: 3 Error: (01/07/2015 03:12:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RzSynapse.exe, version: 1.18.18.23036, time stamp: 0x545732e1 Faulting module name: clr.dll, version: 4.0.30319.18063, time stamp: 0x526767c6 Exception code: 0xc0000006 Fault offset: 0x00008434 Faulting process id: 0x9a4 Faulting application start time: 0xRzSynapse.exe0 Faulting application path: RzSynapse.exe1 Faulting module path: RzSynapse.exe2 Report Id: RzSynapse.exe3 Error: (01/07/2015 03:11:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzSynapse.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Runtime.InteropServices.SEHException Stack: at System.Windows.Media.Imaging.BitmapDecoder.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy, Boolean) at System.Windows.Media.Imaging.BitmapFrame.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy) at System.Windows.Media.ImageSourceConverter.ConvertFrom(System.ComponentModel.ITypeDescriptorContext, System.Globalization.CultureInfo, System.Object) at System.Windows.Baml2006.TypeConverterMarkupExtension.ProvideValue(System.IServiceProvider) at MS.Internal.Xaml.Runtime.ClrObjectRuntime.CallProvideValue(System.Windows.Markup.MarkupExtension, System.IServiceProvider) at MS.Internal.Xaml.Runtime.PartialTrustTolerantRuntime.CallProvideValue(System.Windows.Markup.MarkupExtension, System.IServiceProvider) at System.Xaml.XamlObjectWriter.Logic_ProvideValue(MS.Internal.Xaml.Context.ObjectWriterContext) at 
System.Xaml.XamlObjectWriter.Logic_AssignProvidedValue(MS.Internal.Xaml.Context.ObjectWriterContext) at System.Xaml.XamlObjectWriter.WriteEndMember() at System.Xaml.XamlWriter.WriteNode(System.Xaml.XamlReader) Error: (01/07/2015 03:09:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2015 02:58:17 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (01/07/2015 02:54:13 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. System errors: ============= Error: (01/07/2015 04:49:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:49:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:49:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:48:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:48:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 Error: (01/07/2015 04:48:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:48:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:48:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:48:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (01/07/2015 04:47:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= Error: (01/07/2015 04:41:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2015 03:14:12 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: Chrome Remote Desktop Host -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2739. The arguments are: , , (NULL)(NULL)(NULL)(NULL)(NULL) Error: (01/07/2015 03:12:55 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. 
(HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (01/07/2015 03:12:55 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) 3800 Error: (01/07/2015 03:12:35 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\43a5fc0dffa4a254749608452df27b6a\PresentationCore.ni.dllRazer SynapseC00001853 Error: (01/07/2015 03:12:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: RzSynapse.exe1.18.18.23036545732e1clr.dll4.0.30319.18063526767c6c0000006000084349a401d029cadc62dabaC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dlld314d68d-95be-11e4-9cff-d43d7e293e0a Error: (01/07/2015 03:11:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzSynapse.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.Runtime.InteropServices.SEHException Stack: at System.Windows.Media.Imaging.BitmapDecoder.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy, Boolean) at System.Windows.Media.Imaging.BitmapFrame.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy) at System.Windows.Media.ImageSourceConverter.ConvertFrom(System.ComponentModel.ITypeDescriptorContext, System.Globalization.CultureInfo, System.Object) at System.Windows.Baml2006.TypeConverterMarkupExtension.ProvideValue(System.IServiceProvider) at MS.Internal.Xaml.Runtime.ClrObjectRuntime.CallProvideValue(System.Windows.Markup.MarkupExtension, System.IServiceProvider) at MS.Internal.Xaml.Runtime.PartialTrustTolerantRuntime.CallProvideValue(System.Windows.Markup.MarkupExtension, System.IServiceProvider) at System.Xaml.XamlObjectWriter.Logic_ProvideValue(MS.Internal.Xaml.Context.ObjectWriterContext) at System.Xaml.XamlObjectWriter.Logic_AssignProvidedValue(MS.Internal.Xaml.Context.ObjectWriterContext) at System.Xaml.XamlObjectWriter.WriteEndMember() at System.Xaml.XamlWriter.WriteNode(System.Xaml.XamlReader) Error: (01/07/2015 03:09:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2015 02:58:17 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exeC:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe0 Error: (01/07/2015 02:54:13 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Pando Networks\Media 
Booster\uninst.exeC:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe0 ==================== Memory info =========================== Processor: Intel® Core i3-3225 CPU @ 3.30GHz Percentage of memory in use: 15% Total physical RAM: 8126.93 MB Available physical RAM: 6836.69 MB Total Pagefile: 16252.05 MB Available Pagefile: 14971.05 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:18.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:465.75 GB) (Free:269 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7F98C05A) Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================
**NOTE THAT I BOOTED ON SAFE MODE NOW AND USING IE TO POST THIS**
  15. Hello Internet, my name is Midas (Obvious alias is obvious) and I have been cleaning up some old computers around the office for a few months now. Since the latest MBAM update, I've noticed that the program tends to hang on some computers, always in the same spot (i.e. on the same file), when running a scan. I am using a free version of Malwarebytes Anti-Malware. I update the program fully before starting the scans. This has occurred about 5 times between mid-September and today. More information: The program never stops responding, and I can even cancel a hanging scan. But I've let it sit for three hours, and it didn't budge an inch.
  16. Always recommended Malwarebytes to customers and friends but sadly this new version is bugged. The very first scan I did after upgrading worked fine. Tried various subversions of V2 free since, including the latest 2.0.2.1007, and it now always hangs during the Heuristics scan. The program cannot be paused, cancelled or closed once the file count is stuck and so the process has to be killed off. I tried the usual recommendation of the uninstaller, reboot, reinstall - it makes no difference. Turning off "Use Advanced Heuristics Engine" doesn't actually turn off the Heuristics scan like you would expect. So sadly a useful utility is now useless until it's fixed!
  17. I am attempting to clean my daughter's laptop. She was running an expired pre-installed version of McAfee when she clicked on a link for source data, given to her by her professor, to complete an assignment. Shortly after clicking, the PC was full of advertisements and finally locked up. She brought the laptop to me to fix. I run Malwarebytes Premium on my PC, so I attempted to clear the PC using MB. I have tried running Malwarebytes several times and it always gets stuck during the heuristic scan. Originally there were 1300+ PUP detects. I tried running in safe mode with the same results. I downloaded and installed an older version of Malwarebytes; it was able to complete a scan and remove most of the PUP detections. I updated to the new version of MBAM and it still hung on the heuristic scan. I have run scans using MS Defender and Kaspersky, and both scan the laptop as clean. I downloaded and attempted to run Malwarebytes Anti-Rootkit but it also hung, even when run in safe mode. I performed the MBAM clean removal process as instructed on the forum, and the scan still hangs. My gut tells me this laptop is infected. The laptop is a Dell Series 5 UltraTouch, running 64-bit Windows 8.1. I have attached the FRST.txt and addition.txt files, and the CheckResults.txt. Please take a look. I would appreciate any help you can provide. Thanks. Addition.txt FRST.txt CheckResults.txt
  18. Hi, hoping someone can help. Malwarebytes Anti-Malware (Premium) 2.0.1.1004 hangs every time I try to run a "Custom Scan" if I select the option "Scan for Rootkits", and if I click on "Cancel Scan" nothing happens; I need to force MBAM to quit the program and reboot. Specially in the following paths: C:\Windows\WindowsMobile\es-ES\ *.* C:\Windows\WindowsMobile\es-ES\rapimgr.dll.mui I can't save the log; the scan never finishes. Should I attach the files where MBAM hangs? Thanks in advance. Came
  19. Hi, Malwarebytes hangs on removal. WeatherAlerts is what it seems to hang on. Following this link's instructions: https://forums.malwarebytes.org/index.php?showtopic=9573 Files attached, please help. Don dds.txt attach.txt
  20. Hi. I am a computer tech, web designer, and help businesses and individuals remove viruses and malware on their systems using a number of hi-tech software tools. I recently purchased the Pro version of MalwareBytes Anti-Malware and have tried several times to use it at a client's business to remove the threats it found. MalwareBytes Anti-Malware Hangs for Hours When Attempting to Remove the Checked Threats - And I can't do anything else with it. The system runs Windows 7 Ultimate, on a Core i7, with 16GB RAM and Several Drives of 1TB to 2TB. I want to clean up my client's system before doing a Windows 7 Ultimate "Repair" to further clean up other issues. Would appreciate some help. Thanks in advance, - Carlos P.S. I have attached screenshots of the files it found and I have checked. The unchecked files are installations of my own set of tools to help my clients and appear as malware because of the way they scour the computer.
  21. My PC has been running slower and slower and hangs periodically for 3-10 minutes while the hard drive grinds away. I have removed several bugs in the past but I suspect my machine is still infected. I would wipe it and rebuild from scratch but the OS and MS Office have limited install rights. Any help you can provide would be appreciated. I'm just not sure where to start. Here is the most recent Malwarebytes log: Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.10.27.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Admin :: DELL1 [administrator] 10/28/2012 12:53:41 PM mbam-log-2012-10-28 (12-53-41).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 231904 Time elapsed: 12 minute(s), 9 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)