Jump to content

Search the Community

Showing results for tags 'failed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 19 results

  1. My headsets stopped working when i removed a malware from my PC. I clicked on restart via malwarebytes for the removal process to be finished and then my PC frose on the blue screen where it says restarting and then i turned the PC off and turned it on again. But once i did my PC had remove my headsets software drive and also out of nowhere my device driver was not working properly and the troubleshooter didn't detect anything. I need help pls someone help me and also this happend to my gaming headset directly after the restart and also now i have no malware left or any threat or virus but i watched YouTube and try to see solutions and not any solution worked. So pls I need someone in Support & Help to help me because no YouTube videos could help me and also pls contact me as fast as possible or comment if you know a solution. (i have checked for update drivers for my specific headsets if didn't even have any)
  2. I had problems that had prevented me from installing or using any anti-virus software. I had to run a special build of Malwarebytes anti-rootkit from here to solve that problem and install Malware Bytes. Here's the forum where I posted my problems and was helped. I was redirected to this post and was able to do the threat scan; however, whenever I click on the link for the Farbar Recovery Scan tool, my browser closes. I am using Microsoft Edge as I had to uninstall both Google Chrome and Mozilla Firefox when they faced numerous problems and refused to open. I was strongly recommended to post here despite having Malware Bytes running on my computer. Here are the logs: quarantine log.txt threat log.txt system-log.txt mbar-log-2018-04-09 (12-49-04).txt mbar-log-2018-04-09 (17-18-19).txt
  3. Error message says "Download Failed. Check Internet connection and try again." My Internet connection is okay however.
  4. Hello, I'm unable to activate my premium after upgrading to version 3. This is the first time I'm having this issue and I believe I have a lifetime premium subscription. Is it safe to upload a screenshot with my key? Many thanks for your help.
  5. I recently got a virus and removed around 500 malware using malwarebytes and adwcleaner, but there is still 37 stubborn malware still affecting my pc. I scan via malwarebytes and quarantine which prompts a reboot, however, those 37 malware are still on my pc due to the repeated action of "removal failed". Each time I rescan and attempt to quarantine, the malware just keeps reappearing and not being deleted. When I run adwcleaner, it says "no unwanted element found!". but there are still trojans on my pc. I have included my exported log: log.txt and my adwcleaner log: AdwCleaner[S5].txt
  6. FIrst I should note that I am running the free version of Malwarebytes. I received a notification that Malwarebytes detected an issue through my Windows 7 pop-up notification tray. When I clicked on it to see the status of Malwarebytes and the "issue" nothing happened. Now when I attempt to run Malwarebytes the program won't open. A quick Google search led me to Chameleon but that doesn't seem to be helping either. No matter what icon I click on provided in the zip file I can't see the Chameleon program I've seen in screenshots that shows the different Tests. I click on each one and a DOS window appears attempting to either download Malwarebytes or scan. The best result I've had was Chameleon successfully downloading and installing Malwarebytes once more but the issue persists. The program will not open. I wouldn't be surprised if there is some user error behind troubleshooting this issue, but any help would be greatly appreciated.
  7. My management console is failing after about 24 hours of uptime. Specifically, I am getting an error with ID 7034 from source Service Control Manager Eventlog Provider, with the detial I am running Management Console version 1.7.0.3208 I am not sure where to begin troubleshooting this one. Search of forums came up blank for me. Any guidance would be appreciated.
  8. Hi, A remote user uninstalled Malwarebytes anti-malware and installed installed the anti-ransomware BETA and got this error below. Any thoughts? ["There was a problem activating your Malwarebytes anti-ransomware Beta". Your license failed to activate. ] Thank you. MR
  9. Hi there, I downloaded the beta from your website. I installed it as an Administrator. After installation it says ''Your license failed to activate''. Do i need a license for this beta ? and how will i get hold of a license ? I use Comodo Internet Security Premium v8.4.0.5076 I also use Malwarebytes Anti Malware and Malwarebytes Anti Exploit cheers xD
  10. Hi! I've been suffering with some malware that opens ads on the web browser (ad block is not working anymore) and don't let me download some softwares, like antivirus, including Malwarebytes, and my windows Firewall is constantly deactivating. I had to download Malwarebytes from other computer and copy here, but it didn't open. So I tried to use the Chameleon, but this is what happens: MBAM-Chameleon ver. 3.1.29.0 Press any key to continue Installing Driver... Protected Path: C:\Users\hehe_\Desktop\mbam-chameleon-3.1.29.0\Chameleon\Windows\ ...Done! Trying to start Malwarebytes Anti-Malware, please wait... ...Done! Updating MBAM... Response from update: Failed to start the update. Killing known malicious processes, please wait... Mbam-killer Timeout set to 1800 seconds. Mbam-killer is scanning - Press C to cancel... 3033: C:\ProgramData\System32\Download ...205130: C:\Users\hehe_\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.lo.209211: C:\Users\hehe_\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.loc.210520: C:\Windows\Temp\zdengine.log .213770: HKLM\SOFTWARE\WOW6432NODE\omniboxesSoftware .216943: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\XBOX|ImagePath .221038: HKU\S-1-5-21-2225122007-2866054802-3030607489-1001\SOFTWARE\SIMPLEFILES .288840: C:\Users\hehe_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk .296801: C:\Users\hehe_\AppData\Roaming\SimpleFiles .299109: HKU\S-1-5-21-2225122007-2866054802-3030607489-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page .Mbam-killer scan is complete. Mbam-killer is exiting. Trying to start a scan - please wait... Failed to start the scan Removing protection driver... ...Done! Press any key to continue Can someone help please!!! I don't know what to do!
  11. My previous topic is here I have no idea what is causing this error, and if it is malware or not and I was told that I can get better support here. Some things to note: My disk is not encrypted with TrueCryptI have no other installed AVs besides MBAMA scan I did with Comodo Internet Security turned up cleanClean uninstalling and then reinstalling MBAM doesn't fix this errorThis error happens in Chameleon mode and Safe Mode Attached are the FRST and MBAM logs. Addition.txt CheckResults.txt FRST.txt
  12. Hello everyone, just a quick question. I usually use FRST to find any suspicious activity in my PC. Luckly, I never find anything. But today, something new happened. Some processes were marked with "Failed to access process", even if I'm in admin mode, I also found like 3 dllhost.exe running. Is that some kind of malware not letting me access Windows process (and also infecting them)? I will post both my .txt files (plus, I used Avast, MBAM and ESET Online scans - nothing infected). Thank you guys for helping me, and sorry for any problems caused. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015 Ran by SERN (administrator) on IBM-5100 on 08-02-2015 01:44:16Running from C:\Users\SERN-ADM\DownloadsLoaded Profiles: SERN & SERN-ADM (Available profiles: SERN & SERN-ADM)Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> smss.exeFailed to access process -> csrss.exeFailed to access process -> csrss.exeFailed to access process -> services.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe() C:\Windows\System32\PnkBstrA.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3327.1030_x64__8wekyb3d8bbwe\onenoteim.exe(Microsoft Corporation) C:\Windows\System32\UserAccountBroker.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-31] (AVAST Software)HKLM\...\RunOnce: [LaunchWebURL] => C:\ProgramData\LaunchURL.bat [141 2014-12-13] ()HKLM\...\RunOnce: [*Restore] => C:\WINDOWS\System32\rstrui.exe [271872 2014-09-24] (Microsoft Corporation)HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\6cb874d6-85a5-43b2-9e77-e0ebec44d9f8.exe /checkHKLM-x32\...\RunOnce: [{080B3DF2-8815-4E3E-AFBF-FA72E88B8A0E}] => cmd.exe /C start /D "C:\Users\SERN\AppData\Local\Temp" /B {080B3DF2-8815-4E3E-AFBF-FA72E88B8A0E}.exe -accepteula -accepteulaksn -activeimages -postbootShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-465716547-1104618823-2389287588-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehpHKU\S-1-5-21-465716547-1104618823-2389287588-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehpBHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cabTcpip\Parameters: [DhcpNameServer] 201.6.2.137 201.6.2.67 192.168.0.1 FireFox:========FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22] Chrome: =======CHR Profile: C:\Users\SERN\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Apresentações) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-24]CHR Extension: (Google Docs) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-24]CHR Extension: (Google Drive) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-24]CHR Extension: (YouTube) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-24]CHR Extension: (Pesquisa do Google) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-24]CHR Extension: (Planilhas do Google) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-24]CHR Extension: (Google Wallet) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-24]CHR Extension: (Gmail) - C:\Users\SERN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-24]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-22] (AVAST Software)R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-22] (AVAST Software)R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-15] ()R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-15] ()S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-22] ()R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-01-22] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-22] (AVAST Software)R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-01-22] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-22] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-22] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-22] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-22] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-22] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-22] ()R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 01:25 - 2015-02-08 01:43 - 00024616 _____ () C:\Users\SERN-ADM\Downloads\Addition.txt2015-02-08 01:24 - 2015-02-08 01:44 - 00009908 _____ () C:\Users\SERN-ADM\Downloads\FRST.txt2015-02-08 01:23 - 2015-02-08 01:23 - 00000000 ____D () C:\Users\SERN-ADM\Downloads\FRST-OlderVersion2015-02-03 18:02 - 2015-02-03 18:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\SERN-ADM\Downloads\mbam-setup-2.0.4.1028.exe2015-02-03 18:02 - 2015-02-03 18:02 - 00321848 _____ (Malwarebytes Corporation) C:\Users\SERN-ADM\Downloads\mbam-clean-2.1.1.1001.exe2015-02-02 19:59 - 2015-02-02 19:59 - 02347384 _____ (ESET) C:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe2015-02-01 15:22 - 2015-02-01 15:22 - 00000000 ____D () C:\Users\Todos os Usuários\ATI2015-02-01 15:22 - 2015-02-01 15:22 - 00000000 ____D () C:\ProgramData\ATI2015-01-22 18:45 - 2015-01-22 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit2015-01-22 18:45 - 2015-01-22 18:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit2015-01-22 18:44 - 2015-02-07 16:52 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-01-22 18:44 - 2015-01-22 18:44 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-01-22 18:44 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2015-01-22 18:44 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2015-01-22 18:44 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2015-01-22 18:36 - 2015-01-22 18:36 - 00449936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys2015-01-22 18:36 - 2015-01-22 18:36 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys2015-01-22 18:36 - 2015-01-22 18:36 - 00001986 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk2015-01-22 18:36 - 2015-01-22 18:30 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2015-01-22 18:33 - 2015-01-22 18:33 - 00000000 ____D () C:\Users\SERN-ADM\AppData\Roaming\AVAST Software2015-01-22 18:31 - 2015-01-22 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software2015-01-22 18:31 - 2015-01-22 18:31 - 00000000 ____D () C:\AVAST Software2015-01-22 18:30 - 2015-02-08 01:26 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update2015-01-22 18:30 - 2015-01-22 18:31 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys2015-01-22 18:30 - 2015-01-22 18:30 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2015-01-22 18:30 - 2015-01-22 18:30 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2015-01-22 18:30 - 2015-01-22 18:30 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys2015-01-22 18:26 - 2015-01-22 18:27 - 00000000 ____D () C:\Users\Todos os Usuários\AVAST Software2015-01-22 18:26 - 2015-01-22 18:27 - 00000000 ____D () C:\ProgramData\AVAST Software2015-01-22 18:23 - 2015-01-22 18:27 - 00000000 ____D () C:\Program Files\AVAST Software2015-01-20 19:09 - 2014-04-15 21:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll2015-01-20 19:09 - 2014-04-15 21:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll2015-01-20 00:06 - 2015-02-07 16:48 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes Anti-Exploit2015-01-20 00:06 - 2015-02-07 16:48 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit2015-01-19 16:25 - 2015-01-19 16:25 - 00000000 __SHD () C:\Users\SERN-ADM\AppData\Local\EmieBrowserModeList2015-01-17 03:13 - 2015-01-17 03:13 - 00002805 _____ () C:\Users\SERN\Desktop\RKreport_SCN_01172015_031215.log2015-01-14 15:48 - 2014-12-19 04:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys2015-01-14 15:48 - 2014-12-12 00:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe2015-01-14 15:48 - 2014-12-11 22:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys2015-01-14 15:48 - 2014-12-08 23:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll2015-01-14 15:48 - 2014-12-08 17:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe2015-01-14 15:48 - 2014-12-08 17:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe2015-01-14 15:48 - 2014-12-06 01:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll2015-01-14 15:48 - 2014-12-05 23:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll2015-01-14 15:48 - 2014-12-05 23:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll2015-01-14 15:48 - 2014-10-29 02:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe2015-01-14 15:48 - 2014-10-29 02:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe2015-01-14 15:48 - 2014-10-29 01:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2015-01-14 15:48 - 2014-10-29 01:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll2015-01-14 15:48 - 2014-10-29 01:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll2015-01-14 15:48 - 2014-10-29 01:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe2015-01-14 15:48 - 2014-10-29 01:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe2015-01-14 15:48 - 2014-10-29 01:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe2015-01-14 15:48 - 2014-10-29 01:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll2015-01-14 15:48 - 2014-10-29 01:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2015-01-14 15:48 - 2014-10-29 01:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll2015-01-14 15:48 - 2014-10-29 00:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll2015-01-14 15:48 - 2014-10-28 23:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll2015-01-14 15:48 - 2014-10-28 23:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll2015-01-14 15:48 - 2014-10-28 23:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll2015-01-14 15:48 - 2014-10-28 23:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll2015-01-10 12:19 - 2015-02-03 14:05 - 00000000 ____D () C:\Users\SERN\AppData\Local\CrashDumps2015-01-10 12:17 - 2015-01-10 12:17 - 00000000 ____D () C:\gravity ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 01:44 - 2014-12-18 02:29 - 00000000 ____D () C:\FRST2015-02-08 01:41 - 2013-08-22 12:46 - 00301818 _____ () C:\WINDOWS\setupact.log2015-02-08 01:41 - 2013-08-22 12:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2015-02-08 01:40 - 2014-10-24 03:02 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-08 01:40 - 2014-10-24 02:18 - 02089439 _____ () C:\WINDOWS\WindowsUpdate.log2015-02-08 01:40 - 2013-08-22 11:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2015-02-08 01:25 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2015-02-08 01:23 - 2014-12-18 02:14 - 02132992 _____ (Farbar) C:\Users\SERN-ADM\Downloads\FRST64.exe2015-02-08 01:22 - 2014-11-04 01:02 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{23CBD818-4DC2-46F3-9F3F-9A3E033F9062}2015-02-08 01:21 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\sru2015-02-07 17:34 - 2014-10-24 03:16 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-465716547-1104618823-2389287588-10052015-02-05 17:29 - 2012-07-26 05:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2015-02-05 17:11 - 2014-10-24 02:49 - 00004066 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-05 17:11 - 2014-10-24 02:49 - 00003830 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-05 17:11 - 2014-10-24 02:49 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2015-02-05 17:11 - 2014-10-24 02:49 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-02-04 18:34 - 2014-10-24 11:39 - 00000000 ____D () C:\Users\SERN-ADM\AppData\Roaming\Skype2015-02-04 16:51 - 2014-12-12 21:57 - 00000000 ____D () C:\Users\SERN-ADM\AppData\Local\CrashDumps2015-02-03 17:31 - 2014-09-24 06:09 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2015-02-03 17:31 - 2014-09-24 06:09 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2015-01-23 08:46 - 2014-11-03 15:41 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys2015-01-23 07:49 - 2014-12-13 15:58 - 00000000 ____D () C:\Users\SERN-ADM\AppData\Roaming\Raptr2015-01-22 19:00 - 2014-10-24 03:10 - 00000000 ____D () C:\Users\SERN-ADM\AppData\Local\Google2015-01-22 18:56 - 2014-09-24 00:30 - 00833766 _____ () C:\WINDOWS\PFRO.log2015-01-21 09:57 - 2014-10-24 03:10 - 00000000 ____D () C:\Users\SERN-ADM2015-01-20 16:01 - 2014-11-03 15:41 - 00000000 ____D () C:\Users\Todos os Usuários\RogueKiller2015-01-20 16:01 - 2014-11-03 15:41 - 00000000 ____D () C:\ProgramData\RogueKiller2015-01-20 16:01 - 2014-10-24 03:08 - 00000000 ___RD () C:\Program Files (x86)\Skype2015-01-20 16:01 - 2014-10-24 02:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-01-20 16:01 - 2014-09-24 06:06 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2015-01-20 16:01 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed2015-01-20 16:01 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Macromed2015-01-20 16:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep2015-01-20 15:56 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\registration2015-01-19 01:51 - 2012-07-26 06:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports2015-01-14 16:53 - 2014-10-24 00:23 - 00000000 ____D () C:\WINDOWS\system32\MRT2015-01-14 16:50 - 2014-10-24 00:23 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2015-01-13 19:46 - 2014-10-24 03:08 - 00000000 ____D () C:\Users\Todos os Usuários\Skype2015-01-13 19:46 - 2014-10-24 03:08 - 00000000 ____D () C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2014-12-13 15:56 - 2014-12-13 15:56 - 0000141 _____ () C:\ProgramData\LaunchURL.bat Files to move or delete:====================C:\ProgramData\LaunchURL.batC:\Users\Todos os Usuários\LaunchURL.bat Some content of TEMP:====================C:\Users\SERN\AppData\Local\Temp\dllnt_dump.dllC:\Users\SERN\AppData\Local\Temp\raptrpatch.exeC:\Users\SERN\AppData\Local\Temp\raptr_stub.exeC:\Users\SERN\AppData\Local\Temp\{080B3DF2-8815-4E3E-AFBF-FA72E88B8A0E}.exeC:\Users\SERN-ADM\AppData\Local\Temp\sonarinst.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-02 07:40 ==================== End Of Log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015Ran by SERN at 2015-02-08 01:44:44Running from C:\Users\SERN-ADM\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)Call of Duty (HKLM-x32\...\Steam App 2620) (Version: - Infinity Ward)Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)Cherry Tree High Comedy Club (HKLM-x32\...\Steam App 214610) (Version: - 773)Cherry Tree High I! My! Girls! (HKLM-x32\...\Steam App 333220) (Version: - 773)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddenGuncraft (HKLM-x32\...\Steam App 241720) (Version: - Exato Games Studio)If My Heart Had Wings (HKLM-x32\...\Steam App 326480) (Version: - Moenovel)Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games)Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)Raptr (HKLM-x32\...\Raptr) (Version: - )Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)The Cat Lady (HKLM-x32\...\Steam App 253110) (Version: - Harvester Games)The Way of Life (HKLM-x32\...\Steam App 310370) (Version: - Fabio Ferrara) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 31-01-2015 13:25:08 Windows Update05-02-2015 17:28:56 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 11:25 - 2013-08-22 11:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2B54D8B7-D3F3-4FA3-8029-07DF4167F499} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)Task: {76FE62CE-2517-4080-B3F6-8C84B58FF389} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)Task: {A3B75793-9A21-4609-87DA-DEA35A5D8F1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)Task: {D761FDD7-50FB-4F61-AB43-2B6E1FEDB482} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-22] (AVAST Software)Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll2014-12-15 01:43 - 2014-12-15 01:43 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe2015-02-07 16:48 - 2015-02-07 16:48 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020701\algo.dll2015-01-22 18:30 - 2015-01-22 18:30 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22792473.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22792473.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-465716547-1104618823-2389287588-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpgHKU\S-1-5-21-465716547-1104618823-2389287588-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrador (S-1-5-21-465716547-1104618823-2389287588-500 - Administrator - Disabled)Convidado (S-1-5-21-465716547-1104618823-2389287588-501 - Limited - Disabled)SERN (S-1-5-21-465716547-1104618823-2389287588-1001 - Administrator - Enabled) => C:\Users\SERNSERN-ADM (S-1-5-21-465716547-1104618823-2389287588-1005 - Limited - Enabled) => C:\Users\SERN-ADM ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (02/07/2015 05:36:15 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/07/2015 05:35:03 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/06/2015 09:48:35 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/06/2015 09:48:31 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/05/2015 11:56:40 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/05/2015 11:56:36 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/05/2015 05:29:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details:AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error:Acesso negado.. Error: (02/05/2015 04:35:33 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/05/2015 04:22:51 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (02/05/2015 04:22:46 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.Os componentes conflitantes são:Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. System errors:=============Error: (02/08/2015 01:41:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Não foi possível iniciar o serviço AODDriver4.2.0 devido ao seguinte erro: %%3 Error: (02/08/2015 01:40:34 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (02/08/2015 01:21:30 AM) (Source: atapi) (EventID: 11) (User: )Description: O driver detectou um erro de controlador em \Device\Ide\IdePort0. Error: (02/07/2015 07:41:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Não foi possível iniciar o serviço AODDriver4.2.0 devido ao seguinte erro: %%3 Error: (02/07/2015 04:46:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Não foi possível iniciar o serviço AODDriver4.2.0 devido ao seguinte erro: %%3 Error: (02/06/2015 09:47:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Não foi possível iniciar o serviço AODDriver4.2.0 devido ao seguinte erro: %%3 Error: (02/06/2015 07:40:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (02/06/2015 06:48:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Não foi possível iniciar o serviço AODDriver4.2.0 devido ao seguinte erro: %%3 Error: (02/06/2015 04:50:08 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (02/06/2015 07:05:57 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Microsoft Office Sessions:=========================Error: (02/07/2015 05:36:15 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (02/07/2015 05:35:03 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (02/06/2015 09:48:35 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe Error: (02/06/2015 09:48:31 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe Error: (02/05/2015 11:56:40 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe Error: (02/05/2015 11:56:36 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe Error: (02/05/2015 05:29:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )Description: Details:AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error:Acesso negado. Error: (02/05/2015 04:35:33 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (02/05/2015 04:22:51 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe Error: (02/05/2015 04:22:46 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\SERN-ADM\Downloads\esetsmartinstaller_enu.exe CodeIntegrity Errors:=================================== Date: 2015-01-22 18:33:43.515 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD Phenom II X6 1090T ProcessorPercentage of memory in use: 12%Total physical RAM: 8189.55 MBAvailable physical RAM: 7133.35 MBTotal Pagefile: 9469.55 MBAvailable Pagefile: 8373.91 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.17 GB) (Free:851.38 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7068220E)Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  13. Whenever I try to run a scan, MBAM will ask to install database updates. Whether or not I let it install database updates, it will fail with either "SDKDatabaseLoadDefaults failed with code: 1812" or "SDKDatabaseLoadDefaults failed with code: 2". This same issue happens in both Chameleon mode and in Windows Safe Mode. I'm currently running Windows 7. (Ignore the Windows 8 theme)
  14. When trying to run a MalwareBytes Anti-Malware scan on a Remote Desktop I am met with the following error: "SDKDatabaseLoadDefaults failed with code: 2" Tried restarting MalwareBytes, no luck. Any suggestions? Thanks.
  15. Hello, I am trying to remotely deploy the client to a machine (through the management console) but I receive the follow message after the deployment "completes": I am deploying the client to a W7 Pro, fully updated, fresh install, no odd configurations, etc. I re-imaged the PC a 2nd time, but I still get this error. I have tried a local manual install, using an msi package created by the management console. but I still end up with the same error. I imaged a different workstation (same base image) before attempting this deployment and that first deployment had no issues. So the client appears to be installed but it fails to register with the server and doesn't show up in the console. I'm not sure what log file would be needed to help resolve this issue, but point me in the right direction and I can get it. Here is another snippet from the mee-log.txt file that may be relevant:
  16. pls help me sir i have downloaded mbam because my computer was infected by a malware when there is a mysterious CMD promt everytime i start my computer, at first i try to not allow it but i was really annoyed by it and allowed it (im stupid) and now after i reboot my computer my antivirus and my mbam are not launching and cant be opened. so deleted it. and tried to reinstall it but now i get this prompt from the setup pls help. im not good at this kind of problem so please bare with me i do not also know how to post logs need urgent help
  17. Hi there, I'm attaching (copy-pasting) 2 logs generated by following instructions at this link: https://forums.malwarebytes.org/index.php?showtopic=9573 This link also says to post a new topic here. I need help! I have a pop-up window telling me I need to update various software components on my laptop (Adobe, Picasa, so far...). I think I got a virus when I downloaded a free media player. I have Bitdefender Total Security 2013 on Autorun and it obviously missed this. Malwarebytes seems to have found something but I don't know what to do next. The window is still popping up. Thanks for any help you can offer! kno3 attach.txt .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2Install Date: 2010-02-04 7:04:27 PMSystem Uptime: 2014-03-22 11:59:37 AM (3 hours ago).Motherboard: Dell Inc. | | 0C234MProcessor: Intel® Core2 Duo CPU P8700 @ 2.53GHz | U2E1 | 785/1066mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 451 GiB total, 174.119 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP452: 2014-03-04 6:30:15 PM - Scheduled CheckpointRP453: 2014-03-12 8:29:53 AM - Scheduled CheckpointRP454: 2014-03-12 3:33:22 PM - Windows UpdateRP455: 2014-03-18 11:27:29 AM - Windows Update.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Adobe AIRAdobe Flash Player 12 ActiveXAdobe Flash Player 12 PluginAdobe Reader X (10.1.9)Advanced Audio FX EngineApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Control CenterAudio Creator LE 1.5Bitdefender Total SecurityBonjourCanon Auto Update ServiceCanon DIGITAL CAMERA Solution Disk Software GuideCanon MOV DecoderCanon MOV EncoderCanon MovieEdit Task for ZoomBrowser EXCanon PowerShot SX150 IS Camera User GuideCanon PowerShot SX230 HS and PowerShot SX220 HS Camera User GuideCanon Utilities CameraWindow DC 8Canon Utilities CameraWindow LauncherCanon Utilities Movie Uploader for YouTubeCanon Utilities MyCameraCanon Utilities PhotoStitchCanon Utilities ZoomBrowser EXCanon ZoomBrowser EX Memory Card UtilityCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleCompatibility Pack for the 2007 Office systemD3DX10Dell DataSafe Local BackupDell DataSafe Local Backup - Support SoftwareDell DockDell Edoc ViewerDell Getting Started GuideDell TouchpadDell Webcam CentralDell Wireless WLAN Card UtilityDropboxEPSON Artisan 50 Series Printer UninstallEpson Print CDFile Type AssistantFree All-In-One Media PlayerGoogle ChromeGoogle DesktopGoogle DriveGoogle GearsGoogle Talk PluginGoogle Update HelperGoToAssist 8.0.0.514iCloudiTunesJava 7 Update 51Java Auto UpdaterJavaFX 2.1.1Junk Mail filter updateLastPass (uninstall only)Lexmark 2300 SeriesLive! Cam Avatar CreatorMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4.5.1Microsoft Application Error ReportingMicrosoft Mouse and Keyboard CenterMicrosoft Office 2007 Primary Interop AssembliesMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Plus 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft Search Enhancement PackMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable - KB2467175Microsoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft WorksMobileMe Control PanelMozilla Firefox 28.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKPicasa 3PowerDVD DXQuickBooksQuickBooks Company File Diagnostic ToolQuickBooks EasyStart 2011QuickBooks Pro 2012Quickset64QuickTime 7Roxio BurnSafariSecurity Update for Microsoft .NET Framework 4.5.1 (KB2898869)Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition SkinsSONAR Home Studio 7Sound Blaster X-Fi MBStudio Instruments 1.0SupportSoft Assisted ServiceTurboTax 2010Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Visual Studio 2005 Tools for Office Second Edition RuntimeWildTangent GamesWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox Plugin.==== Event Viewer Messages From Past Week ========.2014-03-22 12:00:34 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-21409935352014-03-22 12:00:34 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-21409935352014-03-22 12:00:34 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.2014-03-22 10:45:44 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:45:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}2014-03-22 10:45:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}2014-03-22 10:45:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}2014-03-22 10:45:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}2014-03-22 10:45:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}2014-03-22 10:45:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}2014-03-22 10:45:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}2014-03-22 10:44:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}2014-03-22 10:44:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 BdfNdisf bdfwfpf BDVEDISK CSC DfsC discache gzflt NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf2014-03-22 10:44:42 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.2014-03-22 10:44:42 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:44:42 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:44:42 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.2014-03-22 10:44:41 AM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.2014-03-21 6:55:53 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.2014-03-19 8:12:31 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.2014-03-19 12:28:51 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BD53D1BD-37C3-4DF7-93BC-4CA8FC64ABC6}. The master browser is stopping or an election is being forced.2014-03-16 7:41:13 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{BD53D1BD-37C3-4DF7-93BC-4CA8FC64ABC6} because another computer on the network has the same name. The server could not start..==== End Of File =========================== dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2Run by Kris at 14:05:38 on 2014-03-22Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4061.2247 [GMT -6:00].AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Bitdefender\Bitdefender\vsserv.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exeC:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Program Files\Dell\DellDock\DockLogin.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\atieclxx.exeC:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXEC:\Windows\system32\WLANExt.exeC:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exeC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\taskhost.exeC:\Windows\system32\lxcgcoms.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\Dwm.exeC:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exec:\Program Files\Microsoft Mouse and Keyboard Center\itype.exec:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exeC:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXEC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Bitdefender\Bitdefender\updatesrv.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXEC:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exeC:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXEC:\Windows\System32\rundll32.exeC:\Program Files\Bitdefender\Bitdefender\bdagent.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\spool\drivers\x64\3\E_IATIFFA.EXEC:\Program Files\Bitdefender\Bitdefender\pmbxag.exeC:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXEC:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Kris\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\File Type Assistant\TSAssist.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreservemStart Page = about:blankmWinlogon: Userinit = userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [EPSON Artisan 50 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIFFA.EXE /FU "C:\Windows\TEMP\E_SC616.tmp" /EF "HKCU"uRun: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"uRun: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"uRun: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizarduRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeuRun: [Google Update] "C:\Users\Kris\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-windowmRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /rmRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startupmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"dRun: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"dRun: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizarddRun: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"StartupFolder: C:\Users\Kris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXEmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 216.238.224.133 216.238.224.134TCP: Interfaces\{543145CB-4067-47E9-B599-2FDB62BA9A28} : DHCPNameServer = 10.0.0.1 72.13.161.10 64.56.147.170TCP: Interfaces\{BD53D1BD-37C3-4DF7-93BC-4CA8FC64ABC6} : DHCPNameServer = 216.238.224.133 216.238.224.134TCP: Interfaces\{BD53D1BD-37C3-4DF7-93BC-4CA8FC64ABC6}\2456C6C614134414 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{BD53D1BD-37C3-4DF7-93BC-4CA8FC64ABC6}\830323E213132676E6D235359444 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{E120A8A5-71CB-45BF-9ACF-871C3345F3C9} : DHCPNameServer = 70.28.245.255 204.101.237.136Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dllHandler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = about:blankx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exex64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exex64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntryx64-Run: [bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"x64-Run: [LXCGCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\LXCGtime.dll,RunDLLEntryx64-Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - <orphaned>x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\3ecsykid.default\FF - prefs.js: browser.startup.homepage - chrome://lastpass/content/home.xul|hxxps://mail.google.com/mail/?shva=1#inbox|https://www.google.com/calendar/render?tab=mc&gsessionid=bogPNP1oB8gQoS5SnQuwkQFF - prefs.js: network.proxy.type - 0FF - component: C:\Program Files (x86)\Google\Google Gears\Firefox\lib\ff36\gears.dllFF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dllFF - component: C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\3ecsykid.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dllFF - component: C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\3ecsykid.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Kris\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dllFF - plugin: C:\Users\Kris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Kris\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll.============= SERVICES / DRIVERS ===============.R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-7-17 893440]R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-7-18 150256]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-23 55856]R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-7-18 93600]R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-7-18 103504]R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-7-17 76944]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-23 203264]R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-7-17 94624]R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-23 1692480]R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2013-10-16 67320]R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-7-17 261056]R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-7-17 635392]R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-1-23 172704]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-7-18 121928]S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-7-17 82824]S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-1-13 30192]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-11 19456]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-11 57856]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-12 1255736]S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2013-7-29 77632]S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-1-23 79360]S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-1-23 79360]S4 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-1-23 79360].=============== Created Last 30 ================.2014-03-22 16:58:37 -------- d-----w- C:\Users\Kris\AppData\Roaming\Malwarebytes2014-03-22 16:58:27 -------- d-----w- C:\ProgramData\Malwarebytes2014-03-22 16:58:25 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-03-22 16:58:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-03-22 16:43:24 -------- d-----w- C:\Windows\pss2014-03-21 16:44:08 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-03-21 16:44:08 -------- d-----w- C:\Program Files\iTunes2014-03-21 16:44:08 -------- d-----w- C:\Program Files\iPod2014-03-21 16:44:08 -------- d-----w- C:\Program Files (x86)\iTunes2014-03-21 16:36:55 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll2014-03-21 16:36:55 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll2014-03-21 16:36:55 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll2014-03-21 16:36:55 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll2014-03-21 16:36:55 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll2014-03-19 18:29:48 -------- d-----w- C:\Users\Kris\AppData\Local\FileTypeAssistant2014-03-19 18:29:39 -------- d-----w- C:\Program Files (x86)\File Type Assistant2014-03-19 18:29:28 -------- d-----w- C:\Program Files (x86)\FreeAllInOneMediaPlayer2014-03-19 18:20:25 -------- d-----w- C:\Users\Kris\AppData\Local\{50485431-59A8-4EEA-A420-82473E6C9745}2014-03-12 13:46:27 228864 ----a-w- C:\Windows\System32\wwansvc.dll2014-03-12 13:45:16 624128 ----a-w- C:\Windows\System32\qedit.dll2014-03-12 13:45:16 509440 ----a-w- C:\Windows\SysWow64\qedit.dll2014-03-12 13:45:15 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll2014-03-12 13:45:15 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll2014-02-28 20:09:36 -------- d-----w- C:\Users\Kris\AppData\Local\{C423F79C-2591-485B-BD6B-6B489C64FFEA}.==================== Find3M ====================.2014-03-11 23:25:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-03-11 23:25:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll2014-01-27 14:04:39 893440 ----a-w- C:\Windows\System32\drivers\avc3.sys2014-01-27 14:04:13 635392 ----a-w- C:\Windows\System32\drivers\avckf.sys2014-01-17 22:24:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx2014-01-17 22:24:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll.============= FINISH: 14:06:25.82 ===============
  18. Hello, I've been having trouble trying to do an update from Windows Update... But it fails everytime. This has been happening for... possibly months and I've been ignoring it but I figured I should try and fix it... Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941) Installation date: ‎4/‎10/‎2013 1:15 AM Installation status: Failed Error details: Code 643 Update type: Important A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system. More information: http://go.microsoft.com/fwlink/?LinkID=296794 Help and Support: http://support.microsoft.com I have Windows Vista, 32-bit, Avast Free. Let me know if I have to provide more information... Thanks!
  19. When trying to install malwarebytes as an administrator I get the message "the feature you are trying to use is on a network resource that is unavailable." The program seems to be looking for a scserver on a different user account. I tried to install using the other user account with the same results. I have ran the clean uninstall .exe and I get the same results. I have tried to install an older version of malwarebytes but then it tells me it cant install because there is a newer version installed. There is no form of malwarebyes installed.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.