Showing results for tags 'boot'.

Found 25 results

  1. I realize that this is a very anecdotal report but I wanted to mention it nonetheless... I recently updated from Malwarebytes 4.8.12 to 4.10.4 using the app's built-in updater on a MacBook (Mid 2010) running macOS 10.13.6 (with FileVault enabled.) Shortly afterwards I restarted the machine, selected a user and entered the password. The fans on the machine started running at seemingly full blast and the login progress bar failed to show any activity. This continued for at least 20 minutes at which point I reluctantly decided to force the machine to power off by holding down the power button. After waiting a few minutes I powered on the machine and was able to successfully log in and boot up.
  2. I used Malwarebytes Free to scan my pc because of this stubborn Generic Trojan KD virus I could not remove. My anti virus that I'm using is Bitdefender. It detects and blocks it but it couldn't remove it no matter what I do. I tried using other free malware alternatives but they still couldn't remove this Trojan. While Malwarebytes was scanning, it caused this issue. This happened before which is why I was hesitant in using and purchasing Malwarebytes. But after searching far and wide on the internet, many are praising Malwarebytes as the best one out there. But my issue is that it causes this error and I can't fix it anymore. Please help me! Thank you
  3. Hi all, First time with this type of trouble and I've come across this forum via a Google search which I had started reading through this thread here: I will try to do my best here in understanding and communicating with everyone and your knowledge. Thank you in advance for any help. I'll try and keep this simple and broken down into what I know. To start I am running Windows 10 on a Cyberpower PC that I purchased about 3 months ago. As briefly as I can be I use this PC strictly for iRacing and use only a limited number of applications that run along with it. I use Chrome as a web browser which is pretty much just familiarity and a preference. This whole adventure started when the command prompt opened on me in the middle of a race. I noticed in the task bar following this race that Internet Explorer and Chromium were there. Not thinking too much of it as this was the first time it happened I unpinned them and continued what I was doing. This happened again several hours later and I got to investigating this Chromium deal. I am now familiar with what it is and how it works and I also learned more about Electron and how it operates some of the apps I use such as Discord and Simracingapps. More familiar with how this all comes together I continued with trying to get these apps removed. I'm almost positive I had uninstalled Chromium via the command prompt and a hidden folder in This PC>Windows(C:)>Users. I also took a second look at SAntivirus which is my fault for not noticing sooner and I found out all about that.. I followed instructions to remove SAntivirus by rebooting in "Safe Mode with Networking". The following step is to download and install Malwarebytes. As there seems to be no way to connect via WI-FI in this mode (which is currently all I am able to use) I downloaded on my Surface and tried to install but it still needs to download during this time so I could not do so.
I went on to the next steps as they were 2 more removal softwares so I figured leaving one out would be just fine. These were HitmanPro and then Adwdefender. Following the instructions to reboot after the Adwdefender scan all I booted to was a black screen. I restarted using the power button on the tower out of frustration at this point with this already being a 4 hour headache. When I powered back on I navigated back to where I was given the options that included "Safe Mode with Networking" and others. Since I was familiar with that one during this process I chose it. Boot to black screen. Reset again and believe I chose the startup troubleshooting after finding it and chose some type of boot recovery. This is where I was starting to see red so I can't remember exactly and I don't want to really do much else on here using that route unless instructed to do so. But that sounds about right. This went through and finished and the pc booted and I am at my desktop and logged in. Now whatever it did to recover gave me a sigh of relief but now I have the apps that I originally started this process to try and remove (Chromium and SAntivirus) back again along with 2 or 3 others that I have decided not to use and had previously uninstalled. All I want is Chromium off of my computer for good. I'm sick of saying the word. I'm sick of looking at it. SAntivirus Realtime Protection Lite off my computer for good. I'm already planning on being more vigilant for these things as the SA snuck in there on me. Also using all three of these softwares in the future to help me do that... if Malwarebytes doesn't hang up on installing that would be great too. Seems I'm at a point here where I can try this all again with some of your help. Thank you for your time, Ryan
  4. Long story short, I downloaded a file which contains a virus; tried to run CCleaner, Avast, and finally Safe mode, when I realized keyboard is disabled during boot. I thought of system restoring using Comodo Time Machine, but that was after booting Safe Mode. After I reboot, I can't boot into safe mode, and Comodo is hindering me with something I need to press OK for, but keyboard isn't working.
  5. Since I paid the license of Malwarebytes, my PC became heavy. While free/trial, it was not, not at all. There is too much hard disk activity during Windows boot up and still a while later. It slurps my battery. My notebook is a HP Pavilion x360, Intel Core-M 2.0GHz, 4 GB ram, 1 TB HD. Before the license, Windows loading process was not that fast but now is that slow. Sometimes, Malwarebytes stays doing scans without I ask. I'd like an option to override obligatory scans.
  6. I have a Z87-g45 gaming motherboard and I can't get it to boot to usb. My computer completely crashed after I ran hitman and Malwarebytes. I ran both scans and each told me a restart was needed so I waited for both to finish since they both required a restart. Prob was not good idea since now my computer won't boot at all. Once I was prompted of a failed startup I chose to restart from last known good configuration. It just got hung on the starting Windows screen for over 3 hours. So I tried changing the bios to UEFI instead of legacy+UEFI and tried to see if that helped. It didn't. I've tried restoring bios to defaults to see if it helped it did not. Stuck on loading Windows screen. I took the battery out of the mother board and left it out for 5 mins and tried to start it. Same thing stuck on loading Windows. After trying to load to safe mode with network and without network and trying to load to command prompt and it all still getting stuck I decided to go purchase a new computer to try to get some recovery software to try to fix the problem. So my first choice of programs to try is Hiren. I downloaded Hiren and it was an iso file. So I formatted my usb thumbnail to Fat32 and used PowerISO to burn the Hiren ISO to the usb. (Using the create bootable usb option) after it was finished burning to the usb. I removed it from computer and put it into broken PC. Booted PC up and push F10 till I got to the bios. Changed boot priority to #1 uefi usb #2 usb. Saved changes and restarted. Went to stuck loading Windows screen. Power off, power on F10 changed bios from uefi+legacy to just uefi and booted usb first priority. Saved and rebooted. Went to stuck loading Windows screen. Figured I'd just try to see if command prompt would work. Power off, power on F10 changed to default bios settings saved and restarted. Windows failed to load restart with command prompt. Stuck on Windows loading screen but it finally worked and I was in command prompt.
Trying several commands to figure out what drive the usb was and looking on Google trying to find list of commands to use with command prompt. The computer automatically just restarted and I didn't even execute any command. Now unsure I can get to command prompt again. Tried rebooting again and again about 4 or 5 times and get stuck on Windows loading screen and no option of boot to command prompt. I can get to efi shell easily but don't think that's gonna help me with what I need. I honestly don't know what I should run off of hirens even if I do get it to run. I'll use to research Google as I go. My biggest problem is trying to get the usb to load then if someone would like to walk me to diagnose the problem I'd be forever grateful! Please help me. I've repaired computers that have crashed before but this is first time this computer with this motherboard has crashed and I just can't get it to do right and it's been killing many days just watching a stuck screen. Please! TY in advance!
  7. Hello, My pc apparently has been infected with annoying adware. When I start up my PC, a CMD window flashes, then chrome starts up with an ad page called www.dipladoks.org I ran Malwarebytes, Windows Defender, even in safe mode. I cleaned up my chrome settings, and checked my PC using chrome, yet nothing seems to work
  8. Hello, Just installed new version 3 of MBAM on my computer, over a v2 that I had since years. Installed this V3 yesterday, reboot today, and no more boot, win stops & blocked just after powering up, on win logo. (win 10 x64 pro) At first, didn't even made a relation between no boot and MBAM, but, after I tried win tools to fix, with no success, I booted on Malekal liveCd USB key to have a look at "srtTrail.txt" in c:\windows\system32\logfiles\Srt, then I found an error with the bootres.dll. I googled a few, and found a thread here related to MBAM, srttrail, and bootres.dll. Now, it seems evident that the fresh MBAM installation (yesterday) is linked to my non-boot today, my Win10 is clean, and never caused me any boot neither stability trouble. So, I need, please, help...? What I've done, first, is using a restore point, didn't solve anything. Then, may be it was not intelligent, was to use the "fixlist.txt" you attached to the thread mentioned above. (of course ?) didn't solve my problem...? ... So, what I can do is to attach my original FRST log, done before using the fixlist > file "FRST_1.txt" I also attach the fixlist I used, given on the thread above mentioned > file "Fixlog.txt" I also attach the second FRST log, the latest and actual, done after I used the Fixlog > file "FRST_2.txt". Done nothing else since, except rebooting on my Malekal LiveCD, to post on this forum. So the FRST_2.txt is my actual report. Hoping you'll be able to build me an efficient fixlog, or any other solution... THX ? FRST_1.txt Fixlog.txt FRST_2.txt
  9. Hey guys I recently upgraded to windows 8 through a Bootable USB and in the Bios settings I didn't see the USB option for boot in USB section but I got the USB option in hard disk and I booted my computer and everything worked fine but whenever I restart the PC I get an error USB not found for boot! Whereas I have already successfully installed Windows on my computer, so I insert the USB without pressing anything so I don't go to any setup of the windows and while I wait for seconds I get the windows working normally and fine! When I login my computer I remove the USB and nothing is special as my windows runs properly when I remove USB only after I insert it and want for login the computer and then remove it! Please help because I need the perceive for other purpose and it's weird to insert USB every time! Thanks,
  10. I have windows 7 dual installed with linux working just fine, and then I downloaded a torrent file with a codec pack exe file, and the video wouldn't still work, so I uninstalled software from the uninstaller in windows, and I ran a adaware from malwarebytes, and then it cleaned it all up and then it restart, and wont boot up again, grub boot menu comes up and when I choose linux it starts, but when I choose windows it comes only blackscreen with this _/- its "-" or "_" just blinking, nothing happens after that been on for hours nothing, when control alt delete it reboots. no sign of windows boot logo or anything else. how can I fix this asap? thx in advance for every bit of information that might help :)) I'm currently logged into my linux.
  11. ok so today I was on my computer and everything was fine, then the Malwarebytes tray application popped up and said "scan complete. there may be one or more viruses on your computer" or something along those lines bec I wasn't really paying attention but I found the forum where someone had the same original problem as I did, but mine is different now, but here is the forum post that was like my problem. so I read through it and it was exactly like my problem, but before I found this forum, I found a different one and followed the instructions there, but they were for a different problem that was similar to mine, but just made my problem worse, I am linking that forum as well to show you what I did. http://www.techsupportforum.com/forums/f217/solved-startup-repair-cannot-repair-this-computer-automatically-768938-2.html at post #39 it gave me the screen on startup "Windows has failed to start. A recent hardware or software change might be the cause. to fix the problem: 1.Insert your windows installation disc then restart your computer. 2.choose your language settings then click next. 3.click "repair your computer." if you do not have this disc, contact your system administrator or computer manufacturer for assistance. File: /windows/system32/drivers/mbamswissarmy.sys status: 0xc0000098 info:windows has failed to load because a critical system driver is missing or corrupt." and now I don't know what to do bec there is no other person who is stupid to follow instructions on a forum without making sure it fits their situation exactly. please help.
  12. In attempt to resolve the "Cannot "Allow" MalwareBytes system extension with 10.13 (High Sierra)" issue I disconnected my TeamViewer session and had the client click on Allow. Then took another remote session. The Security setting was allowed and the installer completed successfully. Then I restarted. The iMac no longer starts up. Apple Logo, progress bar slowly moves toward 100% but never completes. I tried having her boot into Safe Mode but that didn't work either. Even if it is Apple's fault. The computer was not having problems prior to installing Malwarebytes for Mac. This is terrible behavior for Malwarebytes and makes me look bad. I mean I'm a Malwarebytes partner and I recommended installing this application. Now I cannot charge for the hours of support. This client is also a friend and she is 265 miles from my office. So I either have to walk this 80 years-of-age woman through booting the iMac into Recovery mode and restoring her computer from her Time Machine backup, or I have to drive up there to fix this. This is the last time I install Malwarebytes remotely. I am hoping someone has seen this and has a simple fix, fingers crossed!
  13. Howdy, Every time I install, it says it needs to reboot to complete, after reboot, it tries to install, says it needs to reboot to complete, etc. I read through: and I don't have the registry keys for: 1. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1 2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 Attached are my results from Check, Clean, and FRST. Thanks, Harold mb-check-results.zip
  14. I received a malware alert about 2 files from my avast anti-virus, it recommended that I press OK to delete them, I did, and then it said something about a " boot scan " and I pressed OK, my system started to restart ( I realized what a boot scan was, haha ) then instead of the usual boot up things with the logo and stuff it started a scan, since I knew those 2 files were not malware I canceled the scan and Windows started, but the screen was darker, taskbar was back to classic style, sound was disabled, the wi-fi icon didn't even appear, and my usb mouse was not working but my phone was connected and charging, I couldn't do some things like adjust the brightness, etc. After I went to dr. Google in order to find a fix I found a forum thread and the recommended fix was to go to msconfig, services tab, and check enable all. Indeed my services were all stopped except for the Avast Anti-Virus ones, I enabled all, restarted, everything returned to normal except my mouse which is not working at all, no lights as well. (Had problems with this when mouse's under light and clicks were working but the cursor was not moving ) . My phone connects through USB normally. Everything seems to be working normally except for my mouse. Connected it to other PC's and the mouse works normally there.
  15. Hello, My windows 8.1 cannot start and shows up error message with blue screen about: mbamswissarmy.sys is missing. I can't succeed enter to windows also with safe mode can I run FRST64 and send the logs here? Thanks. Roy
  16. Hi I recently installed a new CPU fan as mine was getting hot for some reason. I went to boot my PC after installing the new fan and I now get the message "That a critical driver is missing". This appears to be "system32/driver/MBAMSwissarmy.sys" which apparently something to do with Malwarebytes. I can't get past the boot menu so I can't get onto my PC. Is this a virus and how do I fix it?
  17. I've installed the latest Anti-Ransomware Beta and no problems getting the protection active. But ever since installing it have very often trouble signing into Windows after a reboot/restart. When this happens, either the screen turns black after signing in and stays that way or I get a message that I'm signed out of Windows because of problems. So, then every time those problems happen I either need to push the power button in the former case since nothing else is working or do a restart in the latter case. For now I have uninstalled it and have no more those problems, but miss very much the protection. What can be done to get this annoyance fixed since I'm very interested in Anti-Ransomware.
  18. First of all I have to apologize if my English is not good enough, please ask if there is anything that needs to be clarified. I need help, I can't boot my system after restarting after finish scanning with malwarebytes and detecting+removing a few malware. These errors keep showing, I cannot even boot in safe mode. windows boot manager File : D:\windows\system32\drivers\qibx.sys Status: 0xc0000098 Info: Windows failed to load because a critical system driver is missing, or corrupt I've made a copy of windows 7 os in my flash drive and try to fix with run startup repair but not working
  19. Hello, I have run Malwarebytes on my computer (free version) for several years now always with great results. Like a month ago I downloaded the available version (I do not have internet at all times), but I did not run it until now. However, this time my windows xp boots when Malwarebytes is getting ready to scan (before it actually starts the scan there is a progress bar). When the progress bar is about to complete, my screen computer goes blue, white letters come up with a long message. The blue screen is less than a second, then it automatically boots. I have tried both in normal mode and safety mode with the same result. I don't know if this is related to my pendrive or as someone told me to a nasty infection my computer has. Please advise and thanks in advance!
  20. Hi all, I installed and ran Malwarebytes on my Win7 Lenovo laptop because of some malware that had appeared on it. I put the selected files in quarantine and now the machine boots to the point of showing me the desktop but that's it, it hangs and nothing will launch. Normal or safe mode Help?! John
  21. Hello! I changed from Panda Cloud Antivir to test out Malwarebytes. I am running 2.0.2.1012 Free version. The antivir doesn't start when I boot my machine, and hasn't made a startup event in msconfig. Is this normal behavior of the Free version or is there a problem?
  22. Hello After installing and running malwarebytes it did a scan and I choose to put the bad files in quarantine. After that he asked to restart and since then I can't do anything anymore including running windows 7 in safe mode. So I ran the farbar recovery tool and this is what I got but I don't know what to do next. Thanks
Files (x86)\Adobe 2014-07-29 07:06 - 2010-02-04 00:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-07-29 07:06 - 2010-02-04 00:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-07-29 07:06 - 2010-02-04 00:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-07-29 07:06 - 2010-02-04 00:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-07-29 07:06 - 2009-09-04 07:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-07-29 07:06 - 2009-09-04 07:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-07-29 07:06 - 2009-09-04 07:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-07-29 07:06 - 2009-09-04 07:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-07-29 07:06 - 2009-09-04 07:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-07-29 07:06 - 2009-09-04 07:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-07-29 07:06 - 2009-09-04 07:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-07-29 07:06 - 2009-09-04 07:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-07-29 07:06 - 2009-03-16 04:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-07-29 07:06 - 2009-03-16 04:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-07-29 07:06 - 2009-03-16 04:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-07-29 07:06 - 2009-03-09 05:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-07-29 07:06 - 2009-03-09 05:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-07-29 07:06 - 2009-03-09 05:27 - 00453456 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2014-07-29 07:06 - 2008-10-27 00:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-07-29 07:06 - 2008-10-27 00:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-07-29 07:06 - 2008-10-14 20:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-07-29 07:06 - 2008-10-14 20:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-07-29 07:06 - 2008-10-14 20:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-07-29 07:05 - 2014-07-29 07:05 - 00009857 _____ () C:\Windows\DirectX.log 2014-07-29 07:05 - 2008-10-27 00:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-07-29 07:05 - 2008-10-27 00:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-07-29 07:05 - 2008-07-31 00:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-07-29 07:05 - 2008-07-31 00:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-07-29 07:05 - 2008-07-31 00:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-07-29 07:05 - 2008-07-10 01:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-07-29 07:05 - 2008-07-10 01:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-07-29 07:05 - 2008-07-10 01:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-07-29 07:05 - 2008-05-30 04:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-07-29 07:05 - 2008-05-30 04:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-07-29 07:05 - 2008-05-30 04:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-07-29 07:05 - 2008-05-30 04:17 - 00025608 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-07-29 07:05 - 2008-05-30 04:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-07-29 07:05 - 2008-05-30 04:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-07-29 07:05 - 2008-05-30 04:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-07-29 07:05 - 2008-03-05 06:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-07-29 07:05 - 2008-03-05 06:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-07-29 07:05 - 2008-03-05 06:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-07-29 07:05 - 2008-03-05 05:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-07-29 07:05 - 2008-03-05 05:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-07-29 07:05 - 2008-02-05 13:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-07-29 07:05 - 2007-10-21 17:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-07-29 07:05 - 2007-10-21 17:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-07-29 07:05 - 2007-10-12 05:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-07-29 07:05 - 2007-10-12 05:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-07-29 07:05 - 2007-10-01 23:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-07-29 07:05 - 2007-07-19 14:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-07-29 07:05 - 2007-07-19 08:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-07-29 07:05 - 2007-07-19 08:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-07-29 07:05 - 2007-07-19 
08:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-07-29 07:05 - 2007-06-20 10:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-07-29 07:05 - 2007-05-16 06:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-07-29 07:05 - 2007-05-16 06:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-07-29 07:05 - 2007-05-16 06:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-07-29 07:05 - 2007-04-04 08:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-07-29 07:05 - 2007-04-04 08:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-07-29 07:05 - 2007-03-15 06:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-07-29 07:05 - 2007-03-12 06:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-07-29 07:05 - 2007-03-12 06:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-07-29 07:05 - 2007-03-05 02:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-07-29 07:05 - 2007-01-24 05:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-07-29 07:05 - 2006-12-08 02:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-07-29 07:05 - 2006-11-29 03:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2014-07-29 07:05 - 2006-11-29 03:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-07-29 07:05 - 2006-09-28 06:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-07-29 07:05 - 2006-09-28 06:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-07-29 07:05 - 2006-07-27 23:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 
2014-07-29 07:05 - 2006-07-27 23:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-07-29 07:05 - 2006-05-30 21:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-07-29 07:05 - 2006-03-31 02:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-07-29 07:05 - 2006-03-31 02:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-07-29 07:05 - 2006-03-31 02:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-07-29 07:05 - 2006-02-02 22:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-07-29 07:05 - 2006-02-02 22:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-07-29 07:05 - 2006-02-02 22:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-07-29 07:05 - 2005-12-05 08:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-07-29 07:05 - 2005-07-22 09:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-07-29 07:05 - 2005-05-26 05:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-07-29 07:05 - 2005-03-18 07:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-07-29 07:05 - 2005-02-05 09:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-07-29 06:54 - 2014-08-03 13:43 - 00000000 ____D () C:\Users\-\AppData\Roaming\DAEMON Tools Lite 2014-07-29 06:53 - 2014-08-03 15:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-07-29 06:48 - 2014-07-29 06:48 - 00000000 ____D () C:\users\New Folder 2014-07-29 05:14 - 2014-08-03 13:43 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-07-29 05:04 - 2014-07-29 05:04 - 00058016 _____ () C:\Users\-\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-29 05:03 - 2014-08-03 17:44 - 00000000 ____D () C:\Users\-\AppData\Roaming\uTorrent 
2014-07-29 05:03 - 2014-07-29 05:03 - 00000809 _____ () C:\Users\-\Desktop\µTorrent.lnk 2014-07-29 03:18 - 2014-08-03 13:43 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-29 03:18 - 2014-07-29 03:18 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-09 02:02 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe 2014-07-09 02:02 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 02:02 - 2014-06-17 17:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-07-09 02:01 - 2014-06-20 12:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-07-09 02:01 - 2014-06-20 11:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 02:01 - 2014-06-18 17:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-07-09 02:01 - 2014-06-18 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-07-09 02:01 - 2014-06-18 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-07-09 02:01 - 2014-06-18 16:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-07-09 02:01 - 2014-06-18 16:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-07-09 02:01 - 2014-06-18 16:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-07-09 02:01 - 2014-06-18 16:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-07-09 02:01 - 2014-06-18 16:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-07-09 02:01 - 2014-06-18 16:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-07-09 02:01 - 2014-06-18 16:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-07-09 02:01 - 2014-06-18 16:26 - 00598016 _____ (Microsoft Corporation) 
C:\Windows\System32\ieui.dll 2014-07-09 02:01 - 2014-06-18 16:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-07-09 02:01 - 2014-06-18 16:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-07-09 02:01 - 2014-06-18 16:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-07-09 02:01 - 2014-06-18 16:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 02:01 - 2014-06-18 16:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-07-09 02:01 - 2014-06-18 16:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-07-09 02:01 - 2014-06-18 15:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-07-09 02:01 - 2014-06-18 15:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 02:01 - 2014-06-18 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-07-09 02:01 - 2014-06-18 15:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-07-09 02:01 - 2014-06-18 15:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-07-09 02:01 - 2014-06-18 15:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-07-09 02:01 - 2014-06-18 15:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-07-09 02:01 - 2014-06-18 15:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 02:01 - 2014-06-18 15:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 02:01 - 2014-06-18 15:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 02:01 - 2014-06-18 15:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 02:01 - 2014-06-18 15:33 - 00631808 _____ 
(Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-07-09 02:01 - 2014-06-18 15:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 02:01 - 2014-06-18 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 02:01 - 2014-06-18 15:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 02:01 - 2014-06-18 15:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-07-09 02:01 - 2014-06-18 15:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-07-09 02:01 - 2014-06-18 15:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 02:01 - 2014-06-18 15:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 02:01 - 2014-06-18 15:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 02:01 - 2014-06-18 15:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 02:01 - 2014-06-18 15:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 02:01 - 2014-06-18 15:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 02:01 - 2014-06-18 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 02:01 - 2014-06-18 14:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-07-09 02:01 - 2014-06-18 14:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 02:01 - 2014-06-18 14:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 02:01 - 2014-06-18 14:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-07-09 02:01 - 2014-06-18 14:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 02:01 - 2014-06-18 14:46 - 01068032 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 02:01 - 2014-06-18 14:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 02:01 - 2014-06-18 14:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 02:01 - 2014-06-18 14:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-07-09 02:01 - 2014-06-18 14:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-07-09 02:01 - 2014-06-18 14:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 02:01 - 2014-06-18 14:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 02:01 - 2014-06-18 14:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 02:01 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2014-07-09 02:01 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 02:01 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2014-07-09 02:00 - 2014-06-05 06:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-07-09 02:00 - 2014-06-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 02:00 - 2014-06-05 06:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-03 19:22 - 2014-08-03 19:17 - 00000000 ____D () C:\FRST 2014-08-03 17:44 - 2014-08-03 02:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-03 17:44 - 2014-08-03 01:51 - 00000000 ____D () C:\Users\-\Documents\Command And Conquer Generals Zero Hour Data 2014-08-03 17:44 - 2014-08-02 08:45 - 00000000 ____D () C:\Users\-\Downloads\Die.Trying.S01E03.Yosemite.Death.Climb.PROPER.480p.HDTV.x264-mSD 2014-08-03 17:44 - 2014-08-02 06:05 - 00000000 ____D () C:\Users\-\Downloads\Subtitles-ChinaJam 2014-08-03 17:44 - 2014-07-30 01:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-03 17:44 - 2014-07-29 23:50 - 00000000 ____D () C:\Users\-\AppData\Local\GARMIN_Corp 2014-08-03 17:44 - 2014-07-29 09:31 - 00000000 ____D () C:\Freizeitkarte 2014-08-03 17:44 - 2014-07-29 09:30 - 00000000 ____D () C:\Program Files\DIFX 2014-08-03 17:44 - 2014-07-29 05:03 - 00000000 ____D () C:\Users\-\AppData\Roaming\uTorrent 2014-08-03 17:44 - 2014-05-26 23:35 - 00000000 ____D () C:\Users\-\AppData\Roaming\vlc 2014-08-03 17:44 - 2014-05-26 23:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-03 17:44 - 2014-05-26 13:39 - 00000000 ____D () C:\users\- 2014-08-03 17:44 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat 2014-08-03 15:23 - 2014-07-29 06:53 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-08-03 13:43 - 2014-07-29 06:54 - 00000000 ____D () C:\Users\-\AppData\Roaming\DAEMON Tools Lite 2014-08-03 13:43 - 2014-07-29 05:14 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-08-03 13:43 - 2014-07-29 03:18 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-03 02:36 - 2014-08-03 02:36 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\ofch.sys 2014-08-03 02:36 - 2014-08-03 02:11 - 2552701033 _____ () C:\Users\-\Downloads\Blitzkrieg.rar 2014-08-03 02:36 - 2014-08-02 10:06 - 1713151515 _____ () C:\Users\-\Downloads\The_Island.mov 2014-08-03 02:36 - 2014-05-26 13:23 - 
01433559 _____ () C:\Windows\WindowsUpdate.log 2014-08-03 02:24 - 2014-05-26 23:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-03 02:14 - 2014-08-03 02:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2014-08-03 02:13 - 2014-08-03 02:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\-\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-03 02:13 - 2014-08-03 02:13 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-03 02:13 - 2014-08-03 02:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-03 01:51 - 2014-08-03 01:51 - 00000000 ____D () C:\Users\-\Documents\Command and Conquer Generals Data 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\winevt 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\spool 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\SMI 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Setup 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\oobe 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\MUI 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Msdtc 2014-08-03 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\com 2014-08-02 18:24 - 2014-08-02 10:23 - 00000000 ____D () C:\Users\-\Downloads\Western Gold 2014-08-02 10:19 - 2014-08-02 08:24 - 1832471202 _____ () C:\Users\-\Downloads\Smitten.2011.720p.mov 2014-08-02 10:11 - 2014-08-02 08:27 - 3932717648 _____ () C:\Users\-\Downloads\BBC.The.Great.Climb.2010.Sron.Uladail.1080p.HDTV.x264.AC3.MVGroup.org.mkv 2014-08-02 09:14 - 2014-08-02 08:21 - 2127868769 _____ () C:\Users\-\Downloads\The Network 2013 (climbing movie).mp4 2014-08-02 08:53 - 2014-08-02 08:20 - 00000000 ____D () C:\Users\-\Downloads\The Long Hope 
720p 2014-08-02 08:33 - 2014-08-01 01:20 - 00000112 _____ () C:\Windows\setupact.log 2014-08-02 08:33 - 2014-08-01 01:19 - 00001884 _____ () C:\Windows\PFRO.log 2014-08-02 08:33 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-02 08:18 - 2014-08-02 08:18 - 00000000 ____D () C:\Users\-\Downloads\Mountaineering Freedom 2014-08-02 05:33 - 2014-08-02 04:54 - 1904167415 _____ () C:\Users\-\Downloads\China%20Jam-HD.mp4 2014-08-02 04:54 - 2014-08-02 04:38 - 1845970051 _____ () C:\Users\-\Downloads\Venezuela_Jungle_Jam.HD.mp4 2014-08-02 04:50 - 2014-08-02 04:50 - 00000000 ____D () C:\ProgramData\Sun 2014-08-02 04:50 - 2014-08-02 04:50 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-02 04:49 - 2014-08-02 04:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-02 04:49 - 2014-08-02 04:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-02 04:49 - 2014-08-02 04:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-02 04:49 - 2014-08-02 04:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-02 04:49 - 2014-08-02 04:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-01 02:58 - 2014-08-01 02:04 - 00000000 ____D () C:\Users\-\Downloads\Gomorra stagione 1 - ITA 2014-08-01 01:20 - 2014-08-01 01:20 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-31 07:37 - 2014-07-31 06:11 - 00281768 _____ () C:\Users\-\Documents\BaseCamp 2014-07-31.Backup 2014-07-31 07:06 - 2014-07-31 07:06 - 00000000 ____D () C:\Users\-\Downloads\Basecamp Freizeitkarte 2014-07-30 06:16 - 2014-07-30 06:15 - 10569893 _____ () C:\Users\-\Downloads\presentatie Italie.pptx 2014-07-30 04:45 - 2014-07-29 08:03 - 00000000 ____D () C:\ProgramData\Adobe 2014-07-30 04:08 - 2014-07-30 04:08 - 00220047 _____ () C:\Users\-\Documents\Kroatie 2007.gpx 2014-07-30 02:45 - 2014-07-29 23:56 - 00000000 ____D () C:\Users\-\Documents\Topo 2014-07-30 02:34 - 2014-07-29 09:30 - 
00000000 ____D () C:\Users\-\AppData\Roaming\Garmin 2014-07-30 02:33 - 2014-07-29 23:50 - 00000000 ____D () C:\Users\-\AppData\Local\Garmin 2014-07-30 01:42 - 2014-07-30 01:42 - 00052667 _____ () C:\Users\-\Documents\4DAAGSE.gpx 2014-07-30 01:42 - 2014-07-30 01:42 - 00017190 _____ () C:\Users\-\Documents\4DAAGSE.txt 2014-07-30 01:42 - 2014-07-29 23:50 - 00000000 ____D () C:\ProgramData\Garmin 2014-07-30 01:38 - 2014-05-26 13:40 - 00000000 ____D () C:\Users\-\AppData\Local\VirtualStore 2014-07-30 00:29 - 2014-07-30 00:29 - 00000000 ____D () C:\Users\-\Documents\My Garmin 2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Garmin 2014-07-29 09:30 - 2014-07-29 09:30 - 00000000 ____D () C:\Program Files (x86)\Garmin 2014-07-29 09:23 - 2014-07-29 09:22 - 53913608 _____ () C:\Users\-\Downloads\BaseCamp_434.exe 2014-07-29 08:04 - 2014-07-29 08:04 - 00000000 ____D () C:\Users\-\AppData\Local\Adobe 2014-07-29 08:04 - 2014-05-26 23:27 - 00000000 ____D () C:\Users\-\AppData\Roaming\Adobe 2014-07-29 08:03 - 2014-07-29 08:03 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-29 07:05 - 2014-07-29 07:05 - 00009857 _____ () C:\Windows\DirectX.log 2014-07-29 06:48 - 2014-07-29 06:48 - 00000000 ____D () C:\users\New Folder 2014-07-29 05:04 - 2014-07-29 05:04 - 00058016 _____ () C:\Users\-\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-29 05:03 - 2014-07-29 05:03 - 00000809 _____ () C:\Users\-\Desktop\µTorrent.lnk 2014-07-29 03:24 - 2014-05-26 23:20 - 00000000 ____D () C:\Windows\Panther 2014-07-29 03:18 - 2014-07-29 03:18 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-16 07:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-07-09 02:24 - 2014-05-26 23:42 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 02:24 - 2014-05-26 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Known DLLs (Whitelisted) ================ 
==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!. ==================== Restore Points ========================= Restore point made on: 2014-07-29 03:05:12 Restore point made on: 2014-07-29 06:54:52 Restore point made on: 2014-07-29 07:00:48 Restore point made on: 2014-07-29 07:03:34 Restore point made on: 2014-07-29 07:04:55 Restore point made on: 2014-08-02 04:48:57 Restore point made on: 2014-08-03 01:49:08 ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 2996.52 MB Available physical RAM: 2406.75 MB Total Pagefile: 2994.72 MB Available Pagefile: 2395.38 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:173.96 GB) NTFS Drive f: () (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 
0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E9BF6079) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 4 GB) (Disk ID: 69686373) No partition Table on disk 1. LastRegBack: 2014-07-29 04:09 ==================== End Of Log ============================
  23. Hello, I have already changed several things on this system, but without previous attempts to cure it the most annoying symptom was the Windows/Explorer.exe crashing every 3 seconds, not allowing programs to be run, AND no internet access, disabling the security, enabling or even authorising malware as OK. (I remember seeing somewhere in McAfee about 8 known PUP and malware being authorised as Trusted, but cleaned them and have not been able to find that section/setting since.) I've tried Malwarebytes and it seemed to cure it - only to find it reappears at next boot. The resident shield is McAfee but it finds nothing even if using the highest/most sensitive search. I've run all the programs in safe mode, or at least tried to - Malwarebytes reports it cannot run in safe mode. I have tried Windows Defender Offline and McAfee Stinger. I've cleaned literally dozens of infections from well over 100 places on the system. The only one I found that seems to keep re-occurring was the DOS/Rovnix.gg, which has very little presence online - Microsoft only had rovnix.a or rovnix.v etc., not .gg. The Microsoft site says Microsoft Safety Scanner can cure it, but with McAfee paid Total Care installed I did not want to un-install it completely to load a new resident protection (esp. as someone said that it may only cure certain different strains anyway). My next step was to try that and find a Windows 7 disk to fix BootRec, as Microsoft advised on a link I found while searching rovnix cures, but the McAfee Forum recommended you and a couple of other sites. I've been dealing with this for over a week, and though I have made massive progress, enabling me to submit this on the affected laptop, I am getting annoyed and frustrated. The only thing that seems to constantly give a stable (semi-stable) system is running Windows Memory Diagnostic during start-up, and this is even after changing the RAM. I downloaded the Chameleon but have not used it as of yet.
I ran RogueKiller before joining this forum and it showed many variations/infections, but I have not made any changes since reading the procedure for this forum. Both logs are available now. I may have done more previously and not mentioned it here, but it has been a long hard road so far. This Trojan Dropper, as someone called it, seems to let the system get infected with many others, so it's a lot to correct. The system is a Sony Vaio with Windows 7 H Prem. 64Bit, now with a 4Gb DIMM, not the 2 stick making 3Gb. Addition.txt FRST.txt RKreport0_S_04272014_085916.txt
  24. Thanks in advance for any help you can offer!
  25. Hi there all, I'm finally at my wit's end with this: A guy on my course gave me his laptop to have a look at as apparently it went from "fine" to the unusable condition it's in now literally overnight (I'm no expert but I've helped fix a few friends'/relatives' computers in the past with the help of sites like this) - firstly, there WAS an instance of uTorrent on there when I received it, which I have deleted as recommended (and I also assume is the cause of the problem in the first place - although I'm unable to find any keygens or other obvious "warez" by searching on the drive, so aside from individually going through his private files I'll assume it's piracy-free...or was at least "cleaned up" before he gave it to me). Right, basically the boot time now takes anything up to ten minutes and Windows has hung and failed to boot on a few occasions, seemingly at random. RAM use is seemingly normal, but the CPU spikes at roughly 50% in intermittent but regular patterns (to clarify, the timing of when this happens is intermittent, but the pattern of the CPU spikes is regular and looks like a "sawtooth" wave) and the computer becomes essentially locked-up while this happens for up to ten minutes at a time. Firefox hangs and then asks to be restarted almost every time you click it - also, this morning on booting it said that the Windows copy wasn't legit, but after running a system restore that issue at least has been resolved (he hasn't backed anything up, there seemed to be 3 restore points I could choose and I picked the most recent - they were all from about 3 days ago within 12 hours of each other - not sure if they were automatically generated as he didn't know what I meant when I asked if he'd already tried a system restore - when I get this working again I'll image his drive for him so either myself or someone else doesn't have to fix it for him again!).
I've separately scanned with Malware Bytes, SuperAntiSpyware, IOBit Advanced System Care just to make sure, all of which came back as clean. Hijackthis wouldn't create a log file yesterday, but for reasons unknown, now will (maybe something to do with the system restore I did earlier today) - it still says that it can't access the HOST file though - there was an alarming amount of red-flagged entries when I passed the HJT log through an automated scanner, but I didn't wish to make any changes without first checking with folks more knowledgeable than myself! (also, after reading a few posts on here, it seems HJT isn't as relevant nowadays anyway) The requested "attach.txt" and "dds.txt" should be attached. Apologies for the long rant, I incorrectly assumed this would be a quick and easy fix and I'm just frustrated at my own lack of know-how. P.S. - if there is anything on the logs that shouldn't be there that I've missed (piracy or otherwise) please just tell me and I'll delete it immediately - I've no interest in helping someone break the law. Thanks in advance X attach.txt dds.txt