Showing results for tags 'fail'. - Malwarebytes Forums

Malwarebytes 4.2.0 - Can't activate my Licence Key

LBS posted a topic in Malwarebytes for Windows Support Forum

Hello everyone. I bought a licence for my Malwarebytes today. I tried activating it, but it wouldn't work. I am constantly presented with an "Error 404101" message and the indication that my Internet is to blame. As you can see, by me writing this right now, my Internet is working fine. I have allowed Malwarebytes through my Firewall and even used the Proxy option. Sadly no difference. My Malwarebytes refuses to connect to the internet. I am the admin of my Computer, so that cannot be the problem, either. It would be nice if someone had an idea what to do, since I am at my wits end. I tried to activate it over the Program I changed the Proxy I changed the language and Proxy I activated the licence over my Malwarebytes account on the website and tried to connect that to the program I tried at least 20 different tips I have seen online about this issue No result. I am from Germany and use the program for personal use. Please, someone, help! I don't want this to become an utter waste of 40€. Sincerest Thanks LBS

August 31, 2020
6 replies
- malwarebytes
- 4.2.0
- (and 4 more)
  Tagged with:
  - malwarebytes
  - 4.2.0
  - activate license
  - key
  - fail
  - error 404101

My headsets stopped working when i restarted my pc with malwarebytes

Peepe posted a topic in Resolved Malware Removal Logs

My headsets stopped working when i removed a malware from my PC. I clicked on restart via malwarebytes for the removal process to be finished and then my PC frose on the blue screen where it says restarting and then i turned the PC off and turned it on again. But once i did my PC had remove my headsets software drive and also out of nowhere my device driver was not working properly and the troubleshooter didn't detect anything. I need help pls someone help me and also this happend to my gaming headset directly after the restart and also now i have no malware left or any threat or virus but i watched YouTube and try to see solutions and not any solution worked. So pls I need someone in Support & Help to help me because no YouTube videos could help me and also pls contact me as fast as possible or comment if you know a solution. (i have checked for update drivers for my specific headsets if didn't even have any)

May 31, 2019
2 replies
- help
- support
- (and 33 more)
  Tagged with:
  - help
  - support
  - help me
  - help me pls
  - help me god
  - helps
  - helpme
  - help and support
  - pc
  - headsets
  - malware
  - virus
  - trojan
  - system32
  - helper
  - help?
  - malwarebytes
  - antivirus
  - removal
  - success
  - succesfully
  - successfully removed
  - fail
  - failed
  - failing
  - not working
  - not working properly
  - tropic
  - create
  - search
  - bored
  - why
  - also
  - request
  - caps

AdwCleaner 7 and Malwarebytes 3.3.1 NOT finding the RocketTab virus

Lloydel posted a topic in Resolved Malware Removal Logs

I have this same problem starting thhis morning. Using Firefox on Windows 10, my Google and Bing search pages are taken over by a semi-look-alike RocketTab page. I am Malwarebytes Premium with all protections turned on. A full scan did not identify RocketTab. Looking for advice.

AdwCleaner 7 and Malwarebytes 3.3.1 NOT finding the RocketTab virus

Mikanojo posted a topic in Resolved Malware Removal Logs

Hello, This morning we suddenly found the RocketTab powered by Advertise virus has taken over our browsers, Edge and Firefox. we downloaded and reinstalled the latest trial version of Malwarebytes 3.3.1, it found nothing, then we downloaded AdwCleaner 7.0.8.0 and let it update.. and run.. and it ALSO fails to find the virus. We have a virus, pup, malware that Malwarebytes is supposed to find and remove but it is not finding or removing it. please help?

License Key does not activate

bcblitzen posted a topic in Malwarebytes for Windows Support Forum

I have a Malwarebytes 3.0 Premium (formerly Anti-Malware Premium) 3 seat purchased license that expires in June 2018 but cannot activate the installed premium software. I've re-downloaded the software twice but this does not solve the issue.

February 1, 2018
13 replies
- license key
- fail
- (and 1 more)
  Tagged with:

Chrome Recurring PUPs... reboot doesn't remove issue

jay4tek posted a topic in Resolved Malware Removal Logs

Anyone have a solution or advice on the issue... after quarantine select on all items... reboot does not eliminate this detection.

November 19, 2017
3 replies
- chrome
- pups
- (and 2 more)
  Tagged with:
  - chrome
  - pups
  - quarentine
  - fail

Error on startup - MBAMSwissArmy.sys

skEt8h posted a topic in BSOD, Crashes, Kernel Debugging

Your PC/Device needs to be repaired the operating system couldn't be loaded because a critical system driver is missing or contains errors. File: \windows\system32\drivers\MBAMSwissArmy.sys Error code: 0xc000007b not sure what to do I've gone through start up settings but to no avail, no disc reader on my pic so can't do disc recover. Need help

July 20, 2017
3 replies
- mbamswissarmy
- crash
- (and 5 more)
  Tagged with:
  - mbamswissarmy
  - crash
  - error
  - mbam
  - driver
  - fail
  - startup

Malwarebytes 3.0.6 Scan Ending at Prescan Operations.

Sheepinator3000 posted a topic in Malwarebytes for Windows Support Forum

Malwarebytes 3.0.6 Scan Ending at Prescan Operations Hello, I am experiencing issues with Malwarebytes 3.0+. I click scan and wait for it to check for updates, it gets to the start of Prescan operations and then says: All good no threats detected. Any ideas of what has caused this? I will use version 2 for the moment. Check the video out for more detail. MBAM Error.mp4

April 10, 2017
2 replies
- issue
- problem
- (and 6 more)
  Tagged with:
  - issue
  - problem
  - error
  - scan
  - prescan
  - fail
  - failure
  - bug

MBMC Service Stopping

PhillyPhotog posted a topic in Malwarebytes Management Console

My management console is failing after about 24 hours of uptime. Specifically, I am getting an error with ID 7034 from source Service Control Manager Eventlog Provider, with the detial I am running Management Console version 1.7.0.3208 I am not sure where to begin troubleshooting this one. Search of forums came up blank for me. Any guidance would be appreciated.

October 20, 2016
8 replies
- mbamc
- 7034
- (and 5 more)
  Tagged with:
  - mbamc
  - 7034
  - malwarebytes management service
  - fail
  - stopped
  - failed
  - mbmc

Cheeky Malware

DiqUnicorn posted a topic in Resolved Malware Removal Logs

I am using a Lenovo IdeaPad Z510 A couple of days ago I was noticing that there were problems with my Windows explorer, it was loading slowly so I scanned and fixed scf and dsim. That's where everything started going wrong. Restart the laptop and when logged in, the computer only showed black screen with the mouse only, tried opening the Task Manager and it still worked, but can't do anything other than that. After closing and opening several times. Suddenly the laptop worked, and now I'm here writing this post. The first thing I did was trying to open anti-malware and windows fixing programs, but the programs only appeared in the windows tray and task manager. The program's windows won't come up. ReImage PC Repair showed one malware in the uTorrents folder. MBAM's chameleon is stuck at updating MBAM, and reinstalling it seems to not work, even after using RKill. I'm really out of options with this malware here, please help.

September 24, 2016
13 replies
- malware
- fail
- (and 1 more)
  Tagged with:
  - malware
  - fail
  - doesnt open

Anti Exploit fails to launch

gabe66 posted a topic in Anti-Exploit Beta

Purchased and successfully set up Anti-Exploit (and Anti-Malware Premium). Purchased and set up another application (Nuance PaperPort Pro 14, v14.5), but first exited all security (e.g. MalwareBytes: Anti-Exploit and Anti-Malware Premium, Kaspersky Anti-Virus, too), only for purpose of running the PaperPort set up. After running PaperPort set up, I restarted my PC. The Anti-Malware started normally and automatically at windows start up (Kaspersky, too)... but NOT Anti-Exploit. *Please advise what to do to ensure Anti-Exploit runs just as it did when I 1st installed. Thanks.

April 21, 2016
11 replies
- exploit
- launch
- (and 2 more)
  Tagged with:
  - exploit
  - launch
  - fail
  - startup

Malwarebytes fails to scan.

ashaffer posted a topic in Malwarebytes for Windows Support Forum

Hi everyone, When I try to run a Malwarebytes scan, it continues to fail with error code "SDKDatabaseLoadDefaults failed with code:1812". The scan always fail after the "Pre-Scan Operations" has completed. I have tried running the Malwarebytes cleaner and reinstalling the program, but that does not help. The computer is running Windows 7 64-Bit. Thank you for your help!

April 4, 2016
3 replies
- scan failure
- fail
- (and 1 more)
  Tagged with:
  - scan failure
  - fail
  - 1812

Can't install Malwarebytes

ItielMaN posted a topic in Resolved Malware Removal Logs

Hi all, Following these topics: https://forums.malwarebytes.org/index.php?/topic/169779-cant-install-malwarebytes/ http://www.bleepingcomputer.com/forums/t/579690/cleaning-up-pc-after-picexaviewer-virus-attack/ I'm posting here a new topic by 1PW's advice. All the info you need is there about my issue. And now for the logs: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01Ran by sofia_d (administrator) on SOFIA on 01-07-2015 22:40:35Running from C:\Documents and Settings\sofia_d\desktopLoaded Profiles: sofia_d (Available Profiles: sofia_d & Administrator)Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)Internet Explorer Version 6 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Logitech Inc.) C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE(Logitech Inc.) C:\Program Files\Logitech\Video\CameraAssistant.exe(Logitech Inc.) C:\WINDOWS\system32\ElkCtrl.exe(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe(Logitech) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe(LogMeIn, Inc.) C:\secure\x86\LMIGuardianSvc.exe(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe(Google Inc.) C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [225280 2005-12-09] (Logitech Inc.)HKLM\...\Run: [LogitechCameraAssistant] => C:\Program Files\Logitech\Video\CameraAssistant.exe [489472 2005-12-07] (Logitech Inc.)HKLM\...\Run: [LogitechCameraService(E)] => C:\WINDOWS\system32\ElkCtrl.exe [262144 2004-11-01] (Logitech Inc.)HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16861184 2008-04-10] (Realtek Semiconductor Corp.)HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-11-04] ()HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupHKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-20] (Avast Software s.r.o.)Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-01-26] (ATI Technologies Inc.)HKU\S-1-5-21-515967899-583907252-682003330-1003\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2011-01-08] (Logitech)HKU\S-1-5-21-515967899-583907252-682003330-1003\...\Run: [Google Update] => C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)HKU\S-1-5-21-515967899-583907252-682003330-1003\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)HKU\S-1-5-21-515967899-583907252-682003330-1003\...\MountPoints2: {be372b5f-87be-11e0-8495-002618a3a436} - F:\KODAK_Software_Downloader.exeStartup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-01-08]ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-20] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=homeHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmHKU\S-1-5-21-515967899-583907252-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/URLSearchHook: HKU\S-1-5-21-515967899-583907252-682003330-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06] (Hewlett-Packard Co.)BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Co.)DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cabDPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabHandler: bw+0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw+0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw-0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw-0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw00 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw00s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw10 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw10s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw20 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw20s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw30 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw30s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw40 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw40s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw50 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw50s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw60 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw60s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw70 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw70s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw80 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw80s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw90 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bw90s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwa0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwa0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwb0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwb0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwc0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwc0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwd0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwd0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwe0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwe0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwf0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwf0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwg0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwg0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwh0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwh0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwi0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwi0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwj0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwj0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwk0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwk0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwl0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwl0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwm0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwm0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwn0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwn0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwo0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwo0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwp0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwp0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwq0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwq0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwr0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwr0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bws0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bws0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwt0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwt0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwu0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwu0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwv0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwv0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bww0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bww0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwx0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwx0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwy0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwy0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwz0 - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: bwz0s - {549f974d-7733-4e30-8139-fe232e9af0c5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)Handler: offline-8876480 - {549F974D-7733-4E30-8139-FE232E9AF0C5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2011-01-08] (BackWeb Technologies Inc. )Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 10.0.0.138Tcpip\..\Interfaces\{5E4D4B81-BB03-4403-BAEE-84B1B068F773}: [DhcpNameServer] 10.0.0.138 FireFox:========FF ProfilePath: C:\Documents and Settings\sofia_d\Application Data\Mozilla\Firefox\Profiles\nzfyl4dt.defaultFF DefaultSearchEngine: GoogleFF SelectedSearchEngine: delta-homesFF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-515967899-583907252-682003330-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)FF Plugin HKU\S-1-5-21-515967899-583907252-682003330-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin HKU\S-1-5-21-515967899-583907252-682003330-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ozonru.xml [2015-04-07]FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\priceru.xml [2015-04-07]FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yandex-slovari.xml [2015-04-07]FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yandex.xml [2015-04-07]FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtensionFF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-05-18]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-20] Chrome: =======CHR Profile: C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\DefaultCHR Extension: (YouTube) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]CHR Extension: (Adblock Plus) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-17]CHR Extension: (Google Search) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]CHR Extension: (Avast Online Security) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-22]CHR Extension: (Default) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2011-01-11]CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]CHR Extension: (Google Wallet) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]CHR Extension: (Gmail) - C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-20]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20]StartMenuInternet: chrome.exe - c:\documents and settings\sofia_d\local settings\application data\google\chrome\application\chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-20] (Avast Software s.r.o.)R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) [File not signed]S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [79144 2008-09-09] (Dassault Systèmes SolidWorks Corp.)R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]R2 LMIGuardianSvc; C:\secure\x86\LMIGuardianSvc.exe [375120 2014-07-19] (LogMeIn, Inc.)R2 LVPrcSrv; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [81920 2005-12-09] (Logitech Inc.) [File not signed]S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]S4 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2011-05-18] (SolidWorks) [File not signed]R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-18] ()R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-06-20] ()R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [74976 2015-06-20] (Avast Software s.r.o.)R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-06-20] (Avast Software s.r.o.)R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-06-20] ()R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787760 2015-06-20] (Avast Software s.r.o.)R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-06-20] (Avast Software s.r.o.)R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209048 2015-06-20] ()S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)S3 eapihdrv; C:\Documents and Settings\sofia_d\Local Settings\Temp\ehdrv.sys [135760 2015-06-25] (ESET)S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-17] (HP)S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-17] (HP)S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-17] (HP)R3 Lvckap; C:\WINDOWS\system32\drivers\Lvckap.sys [2174464 2005-12-09] () [File not signed]S3 lvmvdrv; C:\WINDOWS\system32\drivers\lvmvdrv.sys [2400256 2005-12-09] () [File not signed]R3 LVPrcMon; C:\WINDOWS\system32\drivers\LVPrcMon.sys [16768 2005-12-09] () [File not signed]R3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [39424 2005-12-06] (Logitech Inc.)R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [100456 2010-11-12] (NVIDIA Corporation)R3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [7136 2005-12-06] (Logitech Inc.)R3 PID_08A0; C:\WINDOWS\System32\DRIVERS\LV302AV.SYS [916096 2005-12-06] (Logitech Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-01 22:40 - 2015-07-01 22:41 - 00032648 _____ C:\Documents and Settings\sofia_d\desktop\FRST.txt2015-07-01 22:37 - 2015-07-01 22:37 - 01636352 _____ (Farbar) C:\Documents and Settings\sofia_d\desktop\FRST.exe2015-06-28 23:02 - 2015-06-28 23:02 - 00010799 _____ C:\WINDOWS\setupapi.log2015-06-28 23:02 - 2015-06-28 23:02 - 00000041 _____ C:\WINDOWS\setupact.log2015-06-28 23:02 - 2015-06-28 23:02 - 00000000 _____ C:\WINDOWS\setuperr.log2015-06-27 20:51 - 2015-06-27 20:51 - 00006948 _____ C:\Documents and Settings\sofia_d\desktop\CheckResults.txt2015-06-27 20:49 - 2015-06-27 20:49 - 01682416 _____ (Malwarebytes Corporation) C:\Documents and Settings\sofia_d\desktop\mbam-check-2.1.1.1001.exe2015-06-25 22:13 - 2015-06-25 22:13 - 00000000 _____ C:\Documents and Settings\sofia_d\defogger_reenable2015-06-25 22:11 - 2015-06-25 22:11 - 00000000 ____D C:\_OTL2015-06-25 00:17 - 2015-06-25 00:17 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\sofia_d\desktop\OTL.exe2015-06-23 21:57 - 2015-06-23 22:55 - 00000000 ____D C:\Documents and Settings\sofia_d\desktop\Tweaking.com - Windows Repair2015-06-23 21:53 - 2015-06-23 21:54 - 00000000 ____D C:\AdwCleaner2015-06-23 21:44 - 2015-06-26 19:01 - 00000000 ___SD C:\32788R22FWJFW2015-06-23 21:44 - 2015-06-26 19:00 - 05631168 ____R (Swearware) C:\Documents and Settings\sofia_d\desktop\ComboFix.exe2015-06-22 22:40 - 2015-06-22 22:40 - 00000706 _____ C:\Documents and Settings\All Users\desktop\TeamViewer 10.lnk2015-06-22 22:40 - 2015-06-22 22:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 102015-06-21 00:09 - 2015-06-21 00:09 - 00000000 ____D C:\WINDOWS\jumpshot.com2015-06-20 23:54 - 2015-06-20 23:54 - 00000000 ____D C:\Documents and Settings\sofia_d\Application Data\AVAST Software2015-06-20 23:53 - 2015-07-01 21:59 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job2015-06-20 23:53 - 2015-06-26 18:53 - 00428120 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00787760 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe2015-06-20 23:53 - 2015-06-20 23:53 - 00209048 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00074976 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00049904 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr2015-06-20 23:53 - 2015-06-20 23:53 - 00024144 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys2015-06-20 23:53 - 2015-06-20 23:53 - 00001689 _____ C:\Documents and Settings\All Users\desktop\Avast Free Antivirus.lnk2015-06-20 23:53 - 2015-06-20 23:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software2015-06-20 23:51 - 2015-06-20 23:51 - 00000000 ____D C:\Program Files\AVAST Software2015-06-20 23:46 - 2015-06-21 00:49 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt2015-06-20 23:46 - 2015-06-20 23:46 - 00000000 ____D C:\WINDOWS\system32\windowspowershell2015-06-20 23:46 - 2015-06-20 23:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.02015-06-20 23:45 - 2015-06-20 23:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB926139-v2$2015-06-20 23:38 - 2015-06-20 23:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB942288-v3$2015-06-20 23:17 - 2015-06-20 23:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software2015-06-20 22:36 - 2015-06-20 22:36 - 00000000 __SHD C:\WINDOWS\CSC2015-06-20 21:56 - 2015-06-20 21:56 - 00000917 _____ C:\Documents and Settings\sofia_d\desktop\Revo Uninstaller.lnk2015-06-20 21:56 - 2015-06-20 21:56 - 00000000 ____D C:\Program Files\VS Revo Group2015-06-17 22:54 - 2015-06-17 22:54 - 00000000 ____D C:\Program Files\K-Lite Codec Pack2015-06-17 22:54 - 2015-06-17 22:54 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack2015-06-17 22:54 - 2015-05-31 21:00 - 00112128 _____ C:\WINDOWS\system32\ff_vfw.dll2015-06-17 22:54 - 2015-02-28 18:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll2015-06-17 22:54 - 2015-02-25 19:27 - 00473088 _____ (http://www.mp3dev.org/) C:\WINDOWS\system32\lameACM.acm 2015-06-17 22:54 - 2015-02-25 01:37 - 00655872 _____ C:\WINDOWS\system32\xvidcore.dll2015-06-17 22:54 - 2015-02-25 01:37 - 00240128 _____ C:\WINDOWS\system32\xvidvfw.dll2015-06-17 22:54 - 2012-07-21 13:54 - 00122880 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm2015-06-17 22:54 - 2012-05-22 00:48 - 00000415 _____ C:\WINDOWS\system32\lame_acm.xml2015-06-17 22:54 - 2011-12-07 20:32 - 00216064 _____ ( ) C:\WINDOWS\system32\lagarith.dll2015-06-17 22:54 - 2011-06-22 17:14 - 00000714 _____ C:\WINDOWS\system32\ff_vfw.dll.manifest2015-06-17 22:54 - 2004-05-18 21:16 - 00039936 _____ (Disappearing Inc.) C:\WINDOWS\system32\huffyuv.dll2015-06-17 01:29 - 2015-07-01 22:40 - 00000000 ____D C:\FRST2015-06-16 23:29 - 2015-06-16 23:29 - 00000000 ____D C:\Documents and Settings\sofia_d\Application Data\DxCK2015-06-16 23:14 - 2015-06-16 23:14 - 00000000 ____D C:\Documents and Settings\sofia_d\Application Data\WinRAR2015-06-16 23:06 - 2015-06-16 23:06 - 00000692 _____ C:\Documents and Settings\sofia_d\Start Menu\WinRAR.lnk2015-06-16 23:06 - 2015-06-16 23:06 - 00000000 ____D C:\Program Files\WinRAR2015-06-16 23:06 - 2015-06-16 23:06 - 00000000 ____D C:\Documents and Settings\sofia_d\Start Menu\Programs\WinRAR2015-06-16 23:06 - 2015-06-16 23:06 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR2015-06-16 22:51 - 2015-06-16 23:05 - 00000000 ____D C:\Program Files\Mozilla Firefox2015-06-16 22:51 - 2015-06-16 22:51 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys2015-06-16 22:24 - 2015-06-16 22:24 - 00000000 ____D C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories2015-06-16 22:17 - 2015-06-16 22:17 - 00000000 ____D C:\RegBackup2015-06-16 21:56 - 2015-06-16 21:56 - 00000000 ____D C:\WINDOWS\erdnt2015-06-16 21:49 - 2015-06-16 21:49 - 00000000 ___HD C:\WINDOWS\PIF2015-06-16 21:45 - 2015-06-16 21:45 - 00001734 _____ C:\Documents and Settings\sofia_d\desktop\HijackThis.lnk2015-06-16 21:45 - 2015-06-16 21:45 - 00000000 ____D C:\Program Files\Trend Micro2015-06-16 21:45 - 2015-06-16 21:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis2015-06-16 21:11 - 2015-06-23 09:20 - 00000000 ____D C:\Program Files\TeamViewer2015-06-16 21:11 - 2015-06-16 21:11 - 00000000 ____D C:\Documents and Settings\sofia_d\Application Data\TeamViewer ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-01 22:41 - 2011-01-07 14:58 - 00000000 ____D C:\Documents and Settings\sofia_d\Local Settings\Temp2015-07-01 22:40 - 2011-01-08 22:04 - 00000000 ____D C:\Documents and Settings\sofia_d\Application Data\Skype2015-07-01 22:16 - 2011-01-08 22:13 - 00001016 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003UA.job2015-07-01 21:55 - 2004-08-04 15:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl2015-07-01 21:54 - 2011-01-07 14:50 - 01207562 _____ C:\WINDOWS\WindowsUpdate.log2015-07-01 21:53 - 2014-03-09 22:01 - 00000226 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job2015-07-01 21:53 - 2011-01-07 16:34 - 00000157 _____ C:\WINDOWS\wiadebug.log2015-07-01 21:53 - 2011-01-07 16:34 - 00000050 _____ C:\WINDOWS\wiaservc.log2015-07-01 21:53 - 2011-01-07 14:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT2015-07-01 21:51 - 2011-01-07 14:54 - 00032540 _____ C:\WINDOWS\SchedLgU.Txt2015-07-01 21:43 - 2013-05-18 19:07 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2015-07-01 21:41 - 2011-05-25 19:23 - 00000238 _____ C:\Documents and Settings\sofia_d\intlname.ols2015-07-01 20:02 - 2011-01-07 16:48 - 00002457 _____ C:\Documents and Settings\sofia_d\desktop\Microsoft Office Outlook 2003.lnk2015-07-01 20:00 - 2013-03-25 23:55 - 00001006 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003UA.job2015-06-30 23:00 - 2013-03-25 23:55 - 00000984 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003Core.job2015-06-30 21:57 - 2014-02-28 18:46 - 00002265 _____ C:\Documents and Settings\All Users\desktop\Skype.lnk2015-06-30 19:16 - 2011-01-08 22:13 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003Core.job2015-06-26 18:31 - 2011-01-07 14:58 - 00000000 ____D C:\Documents and Settings\sofia_d2015-06-26 18:30 - 2015-05-14 22:55 - 00000682 _____ C:\Documents and Settings\All Users\desktop\CCleaner.lnk2015-06-26 18:30 - 2015-05-14 22:55 - 00000000 ____D C:\Program Files\CCleaner2015-06-26 18:30 - 2013-05-23 18:40 - 00000000 ____D C:\Documents and Settings\sofia_d\My Documents\Загрузки2015-06-25 21:35 - 2011-01-07 16:32 - 00558374 _____ C:\WINDOWS\system32\PerfStringBackup.INI2015-06-25 21:22 - 2011-01-07 16:45 - 00002417 _____ C:\Documents and Settings\sofia_d\desktop\Microsoft Office Word 2003.lnk2015-06-24 00:43 - 2013-05-18 19:07 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe2015-06-24 00:43 - 2013-05-18 19:07 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl2015-06-23 00:31 - 2011-01-10 22:09 - 00000000 ____D C:\WINDOWS\Microsoft.NET2015-06-22 22:53 - 2011-01-08 22:14 - 00002296 _____ C:\Documents and Settings\sofia_d\desktop\Google Chrome.lnk2015-06-22 22:50 - 2011-01-08 22:13 - 00000000 ____D C:\Documents and Settings\sofia_d\Local Settings\Application Data\Temp2015-06-22 22:39 - 2011-01-07 14:50 - 00000000 ____D C:\WINDOWS\system32\Restore2015-06-22 22:35 - 2011-01-08 22:03 - 00000000 ___RD C:\Program Files\Skype2015-06-22 22:35 - 2011-01-08 22:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype2015-06-22 22:27 - 2011-01-07 16:28 - 00000211 ___SH C:\boot.ini2015-06-22 22:27 - 2011-01-07 14:58 - 00000278 ___SH C:\Documents and Settings\sofia_d\ntuser.ini2015-06-22 22:27 - 2004-08-04 15:00 - 00000638 _____ C:\WINDOWS\win.ini2015-06-22 22:27 - 2004-08-04 15:00 - 00000227 _____ C:\WINDOWS\system.ini2015-06-20 23:45 - 2011-01-07 14:59 - 00070912 _____ C:\Documents and Settings\sofia_d\Local Settings\Application Data\GDIPFONTCACHEV1.DAT2015-06-20 23:40 - 2011-01-07 16:29 - 00268600 _____ C:\WINDOWS\system32\FNTCACHE.DAT2015-06-17 23:28 - 2011-05-18 14:24 - 00002727 _____ C:\Documents and Settings\All Users\desktop\SolidWorks Explorer 2009.lnk2015-06-17 23:14 - 2013-02-06 21:12 - 00000000 ____D C:\Program Files\DScaler52015-06-16 23:56 - 2011-01-07 14:48 - 00000000 ____D C:\Program Files\MSN2015-06-16 22:51 - 2013-05-18 15:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service2015-06-16 22:24 - 2011-01-07 14:54 - 00000000 __SHD C:\Documents and Settings\LocalService2015-06-16 22:23 - 2011-01-07 14:51 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb2015-06-16 22:23 - 2011-01-07 14:51 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb2015-06-16 21:47 - 2011-01-07 16:36 - 00000000 ____D C:\WINDOWS\pss2015-06-16 21:41 - 2011-01-07 14:54 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp2015-06-11 20:31 - 2013-07-24 22:16 - 00000000 ____D C:\WINDOWS\system32\MRT2015-06-11 20:25 - 2011-01-10 14:52 - 136900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2015-06-11 18:10 - 2015-05-14 22:31 - 00000000 ____D C:\WINDOWS\CryptoGuard ==================== Files in the root of some directories ======= 2012-01-03 21:02 - 2012-01-03 21:02 - 0000130 _____ () C:\Documents and Settings\sofia_d\Local Settings\Application Data\fusioncache.dat Some files in TEMP:====================C:\Documents and Settings\sofia_d\Local Settings\Temp\IadHide5.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signedC:\WINDOWS\system32\winlogon.exe => File is digitally signedC:\WINDOWS\system32\svchost.exe => File is digitally signedC:\WINDOWS\system32\services.exe => File is digitally signedC:\WINDOWS\system32\User32.dll => File is digitally signedC:\WINDOWS\system32\userinit.exe => File is digitally signedC:\WINDOWS\system32\rpcss.dll => File is digitally signedC:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01Ran by sofia_d at 2015-07-01 22:41:43Running from C:\Documents and Settings\sofia_d\desktopBoot Mode: Normal========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-515967899-583907252-682003330-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\AdministratorASPNET (S-1-5-21-515967899-583907252-682003330-1005 - Limited - Enabled)Guest (S-1-5-21-515967899-583907252-682003330-501 - Limited - Disabled)HelpAssistant (S-1-5-21-515967899-583907252-682003330-1000 - Limited - Disabled)LogMeInRemoteUser (S-1-5-21-515967899-583907252-682003330-1004 - Administrator - Enabled)sofia_d (S-1-5-21-515967899-583907252-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\sofia_dSUPPORT_388945a0 (S-1-5-21-515967899-583907252-682003330-1002 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ##CAMERADRIVERNAME## (HKLM\...\QcDrv) (Version: - )32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden4500_Help (Version: 1.00.0000 - Hewlett-Packard) HiddenAdobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hiddenbpd_scan (Version: 3.00.0000 - Hewlett-Packard) HiddenBPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) HiddenBPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) HiddenBufferChm (Version: 100.0.170.000 - Hewlett-Packard) HiddenCanon Camera Access Library (HKLM\...\CAL) (Version: 8.3.0.1 - )Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.0.9 - )Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.3.0.8 - )Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.4.0.14 - )Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.5.0.8 - )Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.0.8 - )Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - )Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.8.0.74 - )CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) HiddenDestination Component (Version: 100.0.0.0 - Hewlett-Packard) HiddenDeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) HiddenDeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) HiddenDocMgr (Version: 100.0.201.000 - Hewlett-Packard) HiddenDocProc (Version: 10.0.0.0 - Hewlett-Packard) HiddenDocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) HiddenDWGeditor (Version: 17.00.6014 - SolidWorks) HiddeneSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) HiddenFacebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)Fax (Version: 100.0.187.000 - Hewlett-Packard) HiddenGoogle Chrome (HKU\S-1-5-21-515967899-583907252-682003330-1003\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) HiddenHPSSupply (Version: 100.0.170.000 - Hewlett-Packard) HiddenJ4500 (Version: 50.0.165.000 - Hewlett-Packard) HiddenK-Lite Mega Codec Pack 11.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.2.0 - )Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.01.02 - Logitech, Inc.)Logitech QuickCam Software (HKLM\...\{C191BE7C-8542-4A61-973A-714EF76C5995}) (Version: 9.50.0000 - Logitech, Inc.)MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) HiddenMicrosoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Office Professional Edition 2003 (HKLM\...\{9011040D-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)mobile PhoneTools (HKLM\...\{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}) (Version: 3.28 7/08/2005 - BVRP Software)Motorola Mobile Drivers Installation 5.2.0 (HKLM\...\{1D76A52C-87A6-4AB0-A7B0-08C8D5DF1D75}) (Version: 5.2.0 - Motorola Inc.)Mozilla Firefox 38.0.5 (x86 ru) (HKLM\...\Mozilla Firefox 38.0.5 (x86 ru)) (Version: 38.0.5 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML 6.0 Parser (KB925673) (HKLM\...\{FE9126DB-5F84-495A-BB46-3C724F1C2D08}) (Version: 6.00.3888.0 - Microsoft Corporation)Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )NVIDIA Graphics Driver 266.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.58 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)NVIDIA nView 135.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.50 - NVIDIA Corporation)NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)PhotoView 360 (Version: 17.00.6014 - SolidWorks Corporation) HiddenProductContext (Version: 50.0.165.000 - Hewlett-Packard) HiddenPSSWCORE (Version: 2.02.0000 - Hewlett-Packard) HiddenRealtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)Scan (Version: 10.1.0.0 - Hewlett-Packard) HiddenShop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) HiddenSolidWorks 2009 SP0 (HKLM\...\SolidWorks Installation Manager 20090-40000-1100-200) (Version: 17.0.0.6014 - SolidWorks Corporation)SolidWorks 2009 SP0 (Version: 17.1.0003 - SolidWorks) HiddenSolidWorks eDrawings 2009 (Version: 9.0.706 - Dassault Systטmes SolidWorks Corp.) HiddenSolidWorks Explorer 2009 sp0 (Version: 17.00.6014 - SolidWorks Corporation) HiddenSolidWorks Motion 2009 SP0 (Version: 17.00.6015 - SolidWorks Corporation) HiddenSolidWorks Simulation 2009 SP0 (Version: 17.00.6015 - SolidWorks Corporation) HiddenSolidWorks viewer (Version: 17.00.6014 - SolidWorks) HiddenStatus (Version: 100.0.175.000 - Hewlett-Packard) HiddenSystem Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)Toolbox (Version: 100.0.170.000 - Hewlett-Packard) HiddenTrayApp (Version: 100.0.170.000 - Hewlett-Packard) HiddenVideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) HiddenWebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) HiddenWebReg (Version: 100.0.170.000 - Hewlett-Packard) HiddenWinDjView 1.0.3 (HKLM\...\WinDjView) (Version: 1.0.3 - Andrew Zhezherun)Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hiddenחבילת תאימות עבור מהדורת 2007 של מערכת Office (HKLM\...\{90120000-0020-040D-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\psuser.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\43.0.2357.130\delegate_execute.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-583907252-682003330-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\1.3.27.5\psuser.dll (Google Inc.) ==================== Restore Points ========================= 22-06-2015 22:39:26 System Checkpoint24-06-2015 00:47:16 System Checkpoint25-06-2015 01:28:56 System Checkpoint25-06-2015 09:59:32 Revo Uninstaller's restore point - ESET Online Scanner v326-06-2015 10:59:51 System Checkpoint27-06-2015 11:08:32 System Checkpoint28-06-2015 22:14:01 System Checkpoint30-06-2015 19:56:31 System Checkpoint01-07-2015 20:57:29 System Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 15:00 - 2004-08-04 15:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exeTask: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003Core.job => C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exeTask: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003UA.job => C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003Core.job => C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-583907252-682003330-1003UA.job => C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exeTask: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-20 23:53 - 2015-06-20 23:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll2015-06-20 23:53 - 2015-06-20 23:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll2015-07-01 19:28 - 2015-07-01 19:28 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15070102\algo.dll2013-03-11 14:28 - 2010-11-04 09:51 - 00555624 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll2015-06-20 23:53 - 2015-06-20 23:53 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll2011-01-08 21:38 - 2011-01-08 21:38 - 00061496 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\clntutil.dll2011-01-08 21:38 - 2011-01-08 21:38 - 00147493 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWfiles.dll2011-01-08 21:38 - 2011-01-08 21:38 - 00536617 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWDocMapExt.dll2011-01-08 21:38 - 2011-01-08 21:38 - 00114688 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwscriptext.dll2008-04-14 05:41 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll2008-04-14 05:42 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll2008-04-14 05:42 - 2013-01-02 09:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-515967899-583907252-682003330-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\sofia_d\Local Settings\Application Data\Microsoft\Wallpaper1.bmpDNS Servers: 10.0.0.138 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon StartupMSCONFIG\startupfolder: C:^Documents and Settings^sofia_d^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk => C:\WINDOWS\pss\SolidWorks Task Scheduler Engine.lnkStartupMSCONFIG\startupreg: Facebook Update => "C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserverMSCONFIG\startupreg: hpqSRMon => MSCONFIG\startupreg: LogitechVideo[inspector] => C:\Program Files\Logitech\Video\InstallHelper.exe /inspectMSCONFIG\startupreg: LogMeIn GUI => "C:\secure\x86\LogMeInSystray.exe"MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupMSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitMSCONFIG\startupreg: SolidWorks_CheckForUpdates => "C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" /schedulerMSCONFIG\startupreg: Torrent2Exe => ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] => Enabled:Logitech Desktop MessengerStandardProfile\AuthorizedApplications: [C:\Documents and Settings\sofia_d\Local Settings\Temp\Torrent2Exe\T2E.exe] => Enabled:Torrent2ExeStandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe] => Disabled:Logitech Desktop MessengerStandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Plugin Manager\skypePM.exe] => Enabled:Skype Extras ManagerStandardProfile\AuthorizedApplications: [C:\Documents and Settings\sofia_d\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] => Enabled:Google ChromeStandardProfile\AuthorizedApplications: [C:\Documents and Settings\sofia_d\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling PluginStandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:SkypeStandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer.exe] => Enabled:Teamviewer Remote Control ApplicationStandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer_Service.exe] => Enabled:Teamviewer Remote Control ServiceStandardProfile\GloballyOpenPorts: [5353:UDP] => Enabled:Bonjour Port 5353StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/01/2015 09:53:55 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service. Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (07/01/2015 09:53:55 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer (2836) Locale ID 0x0000040d (Hebrew Hebrew) is either invalid or not installed on this machine. Error: (07/01/2015 07:26:42 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service. Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (07/01/2015 07:26:42 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer (3124) Locale ID 0x0000040d (Hebrew Hebrew) is either invalid or not installed on this machine. Error: (06/30/2015 06:55:41 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service. Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (06/30/2015 06:55:41 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer (3144) Locale ID 0x0000040d (Hebrew Hebrew) is either invalid or not installed on this machine. Error: (06/29/2015 10:09:43 PM) (Source: Windows Search Service) (EventID: 3024) (User: )Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog Error: (06/28/2015 09:52:27 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service. Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (06/28/2015 09:52:27 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer (2980) Locale ID 0x0000040d (Hebrew Hebrew) is either invalid or not installed on this machine. Error: (06/26/2015 09:12:01 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service. Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) System errors:=============Error: (07/01/2015 09:55:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The שירות HP CUE DeviceDiscovery Service service hung on starting. Error: (07/01/2015 09:53:49 PM) (Source: 0) (EventID: 4311) (User: )Description: Error: (07/01/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The שירות HP CUE DeviceDiscovery Service service hung on starting. Error: (07/01/2015 07:26:33 PM) (Source: 0) (EventID: 4311) (User: )Description: Error: (06/30/2015 06:57:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The שירות HP CUE DeviceDiscovery Service service hung on starting. Error: (06/30/2015 06:55:26 PM) (Source: 0) (EventID: 4311) (User: )Description: Error: (06/28/2015 09:53:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The שירות HP CUE DeviceDiscovery Service service hung on starting. Error: (06/28/2015 09:52:12 PM) (Source: 0) (EventID: 4311) (User: )Description: Error: (06/26/2015 09:13:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The שירות HP CUE DeviceDiscovery Service service hung on starting. Error: (06/26/2015 09:11:39 PM) (Source: 0) (EventID: 4311) (User: )Description: Microsoft Office:=========================Error: (07/01/2015 09:53:55 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (07/01/2015 09:53:55 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer28360x0000040dHebrewHebrew Error: (07/01/2015 07:26:42 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (07/01/2015 07:26:42 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer31240x0000040dHebrewHebrew Error: (06/30/2015 06:55:41 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (06/30/2015 06:55:41 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer31440x0000040dHebrewHebrew Error: (06/29/2015 10:09:43 PM) (Source: Windows Search Service) (EventID: 3024) (User: )Description: Context: Application, SystemIndex Catalog Error: (06/28/2015 09:52:27 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) Error: (06/28/2015 09:52:27 PM) (Source: ESENT) (EventID: 604) (User: )Description: SearchIndexer29800x0000040dHebrewHebrew Error: (06/26/2015 09:12:01 PM) (Source: Windows Search Service) (EventID: 3026) (User: )Description: Context: Application, SystemIndex Catalog Details:The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f) ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHzPercentage of memory in use: 53%Total physical RAM: 2047.04 MBAvailable physical RAM: 946.8 MBTotal Virtual: 3939.82 MBAvailable Virtual: 2908.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:149.04 GB) (Free:123.45 GB) NTFS ==>[Drive with boot components (Windows XP)]Drive d: () (Fixed) (Total:149.04 GB) (Free:133.04 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 2C6B2C6A)Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=149 GB) - (Type=OF Extended) ==================== End of log ============================

July 1, 2015
49 replies
- setup
- install
- (and 2 more)
  Tagged with:
  - setup
  - install
  - fail
  - runtime

Can't install Malwarebytes

ItielMaN posted a topic in Malwarebytes for Windows Support Forum

Hey there, Been using MBAM for about 5 years now My friend's PC had a virus attack (PicexaViewer) and after help from nasdaq from Bleeping Computer (would be better if you first read this topic since FRST log is there) her PC is clean now (I think) but I can't run/install MBAM. Right upon installation I get this error: Now I know MBAM installer is not to blame but I still want to find a solution to this since I'm out of more ideas. Using Windows XP SP3, Avast antivirus free installed. Things I've tried: 1. Try installing in Safe mode. Same issue. 2. Runnig mbam-clean-2.1.1.1001 (although unnecessary since MBAM was never installed). 3. Seeking help (as I said) from Bleeping Computer to see if a virus is stopping MBAM from running- Windows supposed to be clean now. 4. Running mbam chameleon- to no avail. 5. I've seen reports over the internet that installing Microsoft Visual C++ 2005 Runtime would help. I think installation failed but can't be sure about it. No "installation completed" message in the end. 6. I had ESET SS before. Tried uninstalling it totally (normally and afterwards with ESET own uninstaller ESETUninstaller.exe from safe mode) and rebooted- and still the same without any security product installed. 7. Trying this. 8. Applying some fixes (see the topic above from Bleeping Computer). Notes: 1. Can't run sfc /scannow since I'm connected to this PC via TeamViewer and Windows XP installation disk is not around. 2. Combofix also won't run since it gives an error (Warning!! Do not run ComboFix in Compatibility Mode. Doing so may damage the machine) also from safe mode. Note that this user is the administrator. Any thoughts about this? Thanks.

June 26, 2015
5 replies
- setup
- install
- (and 2 more)
  Tagged with:
  - setup
  - install
  - fail
  - runtime

SDKDatabaseLoadDefaults failed with code: 2

kylesmithyyy posted a topic in Malwarebytes for Windows Support Forum

When trying to run a MalwareBytes Anti-Malware scan on a Remote Desktop I am met with the following error: "SDKDatabaseLoadDefaults failed with code: 2" Tried restarting MalwareBytes, no luck. Any suggestions? Thanks.

June 16, 2014
8 replies
- scan fail
- fail
- (and 7 more)
  Tagged with:
  - scan fail
  - fail
  - scan
  - error
  - error 2
  - code 2
  - sdk
  - database
  - failed

cant install mbam

alzoran posted a topic in Malwarebytes for Windows Support Forum

pls help me sir i have downloaded mbam because my computer was infected by a malware when there is a mysterious CMD promt everytime i start my computer, at first i try to not allow it but i was really annoyed by it and allowed it (im stupid) and now after i reboot my computer my antivirus and my mbam are not launching and cant be opened. so deleted it. and tried to reinstall it but now i get this prompt from the setup pls help. im not good at this kind of problem so please bare with me i do not also know how to post logs need urgent help

April 13, 2014
1 reply
- mbam
- failed
- (and 7 more)
  Tagged with:
  - mbam
  - failed
  - cant cant install
  - installation
  - install
  - malwarebytes
  - fail installation
  - fail
  - setup fail

Unable to install MBAM (access denied to unspecified directory)

bigfoot1291 posted a topic in Resolved Malware Removal Logs

So I've never really had an issue with MBAM before, but recently when I went to do a routine scan, I noticed that MBAM would just crash almost instantly upon choosing any scan options. The only other scanning software I use is MSSE, so naturally I fired that up and it didn't find anything of note. I tried rebooting, but still wouldn't run MBAM. Uninstalled MBAM to try and reinstall, and now it's telling me the error as seen in the screenshot below. Tried a few other misc. things, but nothing seemed to work. My computer is otherwise running as normal and doesn't seem to be showing any signs of malicous software running, but I would MUCH rather be safe than sorry, especially when something isn't running correctly that has served me well for years. Thank you for any assistance. attach.txt dds.txt

January 27, 2014
19 replies
- Install
- fail
- (and 6 more)
  Tagged with:
  - Install
  - fail
  - access
  - denied
  - malware
  - bytes
  - malwarebytes
  - mbam

Malware updates fails to update in network profile with limited rights

1800askruss posted a topic in Malwarebytes for Windows Support Forum

I was testing malware pro for a friend in a network environment (xp machines, 2003 server, roaming profiles). The users could never install applications due to right restrictions. The malware did not ever seem to update. He removed and went to test other solutions. To malware staff and the group was there a way to make this work. Also what could be done when a full program update was needed? Thank You

September 3, 2012
1 reply
- update
- fail
- (and 2 more)
  Tagged with:
  - update
  - fail
  - network
  - rights

Search the Community

Search By Tags

Search By Author

Content Type

Forums

Find results in...

Find results that contain...

Date Created

Start

End

Last Updated

Start

End

Filter by number of...

Minimum number of comments

Minimum number of replies

Minimum number of views

Joined

Start

End

Group

AIM

MSN

Website URL

ICQ

Yahoo

Jabber

Location

Interests

Important Information