Jump to content

Search the Community

Showing results for tags 'firewall'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Hello guys, Basically I am having an issue with the EXIM feature (export/import) and I am wondering if anyone could please test the export/import function with their WFC rules (Options » Rules » Export Windows Firewall Rules) and then try and import them. Upon import, it shows a progress bar and then after a few seconds it states the operation / restore process was successful. I open up settings and navigate to rules on the left-hand menu. > Import Rules Reboot. However all the rules are exactly as they were prior to import. Nothing has changed. No rules have been imported. Reset Rules > Yes. > Import Rules Nothing changes! Just default WFC rules (or default Windows rules). I don't think the feature works... Or, perhaps there is a corruption in my rules? Nope. Cannot even restore default blank rule backup!!! Could someone please give this a try and see whether the rules are correctly restored? (e.g. delete one unimportant rule). Thank you! p.s. Posting in ''Malwarebytes for Windows'' as is it is Malwarebytes WFC for Windows! 😵
  2. Hello all, first time poster. I have started coming across weird networking/firewall issues after prolonged use of my computer (I leave my computer on for the most part.) I'd say after about 2-3 days of being on, these issues will suddenly start occurring. Such issues include - OBS Studio will not authenticate with Twitch to provide API elements (The chat and stream info windows will not appear, resuilting with the error: failed to authenticate with twitch) Loading webpages taking a longer time than before... about 10 seconds to load up a google search page. Microsoft Remote Desktop Protocol (RDP) will not work period - either via the internet or locally to my home server. My computer can ping my home server, but the server cannot ping my computer from command prompt.... despite my computers DHCP-assigned static IP showing up when using arp -a. Windows Defenders Firewall WILL NOT load (Although I hear that MBAM may set the Windows Defender processes to be Manual rather than automatic so that may explain this) When creating sessions in games like Monster Hunter World, the session takes F O R E V E R to load. Likewise, using Splashtop (my work's remote access software) to remotely access client computers also can take a prolonged time than normal. Restarting the computer resolves all these issues and everything works as normal. Me being in IT, I thought a networking issue might have been causing this (Specifically thinking that port 443 was being blocked or something) but after running several port checks, updating my routers firmware, updating my LAN driver on my pc ect I determined that the issue is isolated to my system. Then I found this post on Bleeping Computer (Hopefully link sharing is not against the rules here..): https://www.bleepingcomputer.com/forums/t/716117/cannot-open-windows-firewall/ And noticed all the similarities between me and this poster's issues - specifically that we both have MBAM Premium. After finding this revelation, I have come here to seek help on the matter. I am running Windows 10 1909 with MBAM Premium I apologize if this issue has been posted before but it is kind of difficult searching up this topic..
  3. Whatever this thing is it's running circles around malwarebytes that it has found nothing on top of acting wonky even after a fullscan. Sadly this occurred at the same exact time as those "malwarebytes not opening proper" and "tray icon not showing up" issues started coming in enmasse around 8-8-2020 on the forum making me believe it was a false positive. -Origin is most likely from malicious gelbooru ads around the time of 8-7-2020 (Sadly I did not get the memo that the current administrator is a scumbag who collaborates with malicious "ad" services when I went back there for the first time since about a decade to look for an old joke picture for someone) Completely bypassed both noscript and uBlock Origin. -All browser-type connections sluggish and do not load initially, game internets work fine (as fine as they normally do at least) quite noticeably sluggish internet on browsers that lasts roughly about 2 minutes or more, and only on the initial starting portion of the browser. Afterwards it seems to work just fine as long as I don't close and reopen it in which the issue repeats itself. -Browsers effected Includes: Firefox, Steam, and IE -Other symptom: Attempting to access the windows firewall via clicking on it via search from the control panel makes the window explorer "not responding" until I click the x off. -Having just activated steps taken: -Malwarebytes fullscan has found nothing and is likely compromised by the fact I recently activated a burner e-mail so I could turn its premium functions on (I dare not log in to my actual e-mail with this thing ongoing). -Activating premium functions has caused it not to open now, apparently the cause does not fear the regular/scheduled scanner, but will shutdown active defense. I have not restarted since this has been done. -adwcleaner 8.0_7 only cleared out old things I never bothered with like that yahoo toolbar and other preinstalled garbage such as Cyberlink,HP, Lenovo, and WildTangent to name those. -I have not done the basic repair functions that accomodate adwcleaner. -After it did this, I noticed that my windows virus definitions had updated automatically without my input when I went to do so manually. Is this a result of adwcleaner or the malicious thing? -Next step will likely be FSRT64.
  4. MB has been generating MANY notifications about a specific IP that is scanning my site. I have created an inbound rule in Windows Firewall to block a specific IP address. I was under the impression that the firewall would apply its rules before MB was able to detect the incoming IP. I am still getting the notifications from MB that it is blocking the IP. Any suggestions or comments are appreciated.
  5. Hi Malwarebytes, I'm keep getting Malwarebytes popup's about RTP detection on Trojans. I'v tried about everything, including putting all ip addresses noted by Malwarebytes in firewall block rules, both incoming and outgoing. I've run adwcleaner_8.0.0.exe which found 2 PUP entries: PUP.Optional.Legacy izito.nl and PUP.Optional.SofTonicAssistant Softonic NL. Both where removed by adwcleaner, but the somehow come back. I've also run HitmanPro but it shows tracking cookies only. And still Malwarebytes reports incoming Trojans. All reported Trojan inbound connections target port 445 (SMB), see attached log. On the system we're using Malwarebytes Premium 4.0.4 How is it even possible that these connection get through the firewall?? Any thoughts anyone? Cheers, Paul MBAMSERVICE.LOG
  6. Recently in the past week I have been having problems connecting to the desktop site of Discord and .io domain (Aggie.io), and called out to support in ways to see how I could fix it. I had tried to download Malwarebytes to scan my computer, but it said an error occured, so I tried to save a MBAR from another Malwarebytes forum, but it said an error had also occurred with my proxy server (for LAN). Is there any way to fix the proxy or scan for Malware, And to get rid of PUP's?
  7. Will Windows Firewall Control be part of MBAM 4?
  8. I can't get updates to work. Docs say permit three URLs in firewall. Firewall only lets me select "malwarebyes" app but not the three required URLs (see screenshot)
  9. We have an MWB Management Console on a server. I was given a link at one time regarding ports that need opening on the client machines. I need the documentation again. In fact, I am hoping you have a roll-out plan that includes opening up all needed port.
  10. I just purchased MWB for home. Do I continue to run Windows Defender and Windows Firewall?
  11. Hello! I need some help! I popped into my "Allowed apps" setting in Windows 10. I had TONS of weird ports, both TCP and UDP. I deleted all of them, but some keep coming back. No strange processes or services running, and a clean scan on Malwarebytes.
  12. I just put one of my small business clients onto MWB Premium for Teams. They have version 3.3.1. Another vendor installed a Fortinet firewall which broke the update process. It seems the AV filter is blocking access to the update site and won't allow signature updates to download. The vendor says there is a problem with the site and put version 2.2 in for testing. Since the problem disappears as soon as they disable the Fortinet AV filter, they've concluded that the firewall must be blocking MWB because of a MWB problem (??). They further claimed that once a problem materializes with version 3.x, it breaks ALL versions of MWB. I don't have access to the Fortinet box directly and it seems they are only logging category level hits on the filters and further details from the firewall are unavailable. Are you aware of any known problems with Malwarebytes and Fortinet firewalls? Is this a test configuration?
  13. Hello I am a new one and unfortunately would like to start submitting question. I am going to change my antivirus tool installed on my PC (XP SP3, home edition, Ralink Wireless, Linksys router ). There are some reasons encouraging me to use Malwarebytes Anti-Malware. The point is I cannot recognise “MBAM” has or not built firewall functionality in (I am not familiar with IT technology). The second question, if not - what would be interaction between MBAM and extraneous firewalls, for instance ZonAlarm or Sygate? Explanation would be appreciated.
  14. i recently removed the MPC Cleaner virus from my pc and now my Firewall will not start and i cannot sign in to mhy Wireless network. Iactually have a 2G and a 5G network but only the 2g ssid shows up in the scans. My other devices are able to access both ssid's and i am able to access the internet using a cable attached to my LAN port. Inanticipation of needing to contact support i downloaded FRST64 and ran a scan with pretty much every box checked. My computer is a Sony VAIO AllI In One vcpl137fx running windows 7 sp1. the only things i tried to do werer to get the Firewall and Wireless network working but nothing Microsoft suggested worked. Thank you, Danny R FRST.txt Addition.txt
  15. Hello! I would like a guide to release the anti-ransomware malwarebytes in squid proxy and firewall. What urls release? Which door? Someone can tell me? Thank you.
  16. I am not sure of the correct location to post this as it does not originate from the Malwarebytes application itself. My firewall showing possible port scans from 2 consistent IP addresses that resolve to being affiliated with Malwarebytes update sources.The firewall is a Sonicwall TZ210 that has been in place for quite a while. There has not been any updates to the configuration, except updates to the firmware and automatic definition updates This seems to be more prevalent recently in my firewall logs and just want to make sure that is not a threat, or if I have my firewall set too tight, as my Malwarebytes products (registered versions) seem to be updating without any issue. It does not seem to correlate when I run manual updates in Malwarebytes, but it seems to happen on a quite regular basis, as I see instances that happen on 10 minute intervals at 2 different time frames. (I have 2 licensed versions running) I can supply a log if needed, but would prefer to keep my public IP private The two IP addresses in question are and
  17. Hi all, I run a web server with a number of sites hosted on it. I have recently installed MalwareBytes and it keeps logging a number of ip addresses of malicious websites attempting to connect to my server. Although I believe that MalwareBytes is stopping such connections from doing any harm, I have, nevertheless, added the IP address's range to a blocking inbound rule on the web server's native firewall (Windows Server 2012). Despite this, MB keeps bringing up alerts of access attempts from the same IP addresses. Isn't the firewall supposed to block the connection before it even gets to the point where it is detected by MB? The firewall's rules appear to be working because when I added a friend's IP address to a rule, she could not access any of the sites on the server until I removed her IP again. Thank you
  18. Hi all, I run a web server with a number of sites hosted on it. I have recently installed MalwareBytes and it keeps logging a number of ip addresses of malicious websites attempting to connect to my server. Although I believe that MalwareBytes is stopping such connections from doing any harm, I have, nevertheless, added the IP address's range to a blocking inbound rule on the web server's native firewall (Windows Server 2012). Despite this, MB keeps bringing up alerts of access attempts from the same IP addresses. Isn't the firewall supposed to block the connection before it even gets to the point where it is detected by MB? The firewall's rules appear to be working because when I added a friend's IP address to a rule, she could not access any of the sites on the server until I removed her IP again. Thank you
  19. I've done a malwarebytes scan in safe mode with nothing found, tried doing some troubleshooting in the services and so on and so forth. Basically when I try to turn on the firewall it says that it needs to be done manually and then when you try to turn it on manually it comes up with error code 0x8007042c. I've tried turning on the service but I get "Error 1608: The dependency service or group failed to start." As far as the Malicious Webiste Protection, it will disable itself right after I enable it under the settings. Farbar Service Scanner Version: 17-01-2015 Ran by Jonathan Romero (administrator) on 22-05-2015 at 21:13:56 Running from "C:\Users\Jonathan Romero\Downloads\Software" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. bfe Service is not running. Checking service configuration: The start type of bfe service is OK. The ImagePath of bfe service is OK. The ServiceDll of bfe service is OK. Firewall Disabled Policy: ================== System Restore: ============ VSS Service is not running. Checking service configuration: The start type of VSS service is OK. The ImagePath of VSS service is OK. System Restore Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 RpcSs Service is not running. Checking service configuration: The start type of RpcSs service is OK. The ImagePath of RpcSs service is OK. Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  20. I've done a malwarebytes scan in safe mode with nothing found, tried doing some troubleshooting in the services and so on and so forth. Basically when I try to turn on the firewall it says that it needs to be done manually and then when you try to turn it on manually it comes up with error code 0x8007042c. I've tried turning on the service but I get "Error 1608: The dependency service or group failed to start." As far as the Malicious Webiste Protection, it will disable itself right after I enable it under the settings.
  21. I have this environment: - router with firewall enabled. SPI is not enabled. I enabled it after the fact. - host machine running Windows 7 SP1 x64. Firewall set to reject all inbound connections on all profiles (public, private and domain) as I don't transfer data between PCs. - guest OS Windows XP SP3 running in Virtualbox connected via NAT interface. No ports open in virtual NAT; - vm firewall also set to ignore exceptions. Virtual machine is in place to run somewhat risky applications in an attempt to keep my system clean: - Cool TV Online app is a Sopcast based TV online app. So it is P2P based. It also displays ads from adcash in pop-up everytime you click on something; - Hola Better Internet VPN extension for Firefox. Another P2P based app. Because both programs are P2P based I am expecting to see outbound connections blocked at host level on Virtualbox.exe which by way it happens sometimes, but inbound connections. This is odd, I'd like someone to explain me how this is possible. The alerts are not frequent, there are days when they don't happen. It mostly depends on how long either of them are running. I have some wild guesses about how this can happen, but I'd like a professional explanation: - Server to which I was connected informed of an IP change; that new IP is flagged as malicious in MBAM db; - Server #1 requested that Server #2 to take over (This is a P2P connection, so take overs seams to happen a lot), Server #2 IP is flagged as malicious so it wasn't allowed to check if I am still online. protection-log.txt
  22. Hello, Today I found out my internet was not working this morning. It was working yesterday night and now it is not.I tryed Google Chorme and IE but it still did not work. I think it is a virus. Here is some info: Error code : DNS_PROBE_FINISHED_NO_INTERNET OS: Windows 8.1 Anti-virus: Vodafone and AVG (Avg stopped working when I tryed it) (Vodafone can not load) Internet: Working fine for all computers except mine. Can someone please help me, Dennis Galway
  23. Hello. I think my computer infected malware. That malware turning off my firewall and cannot start windows firewall service error windows could not start windows firewall. Then i searching information about how to fix/turning on my firewall and security service (i tried to find it from local services but there is no list of this. All these methods didn't work to me. So luckily i did system restore. It's back to normal. BUT windows defender turned off. I tried to turn on WDefender but it's taking me this folder C:\Windows\system32 and notification about "Successfully blocked access malicious website" frequently appeared. How to delete that virus or malware. I want to back to normal my computer.. HELP!attach.rar Windows 8 64 Bit Intel core I7 This is dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16384 BrowserJavaVersion: 10.45.2Run by Mr. Merovingean at 21:59:05 on 2013-12-07Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8061.4939 [GMT 8:00]..============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\dwm.exeC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Connectify\ConnectifyService.exeC:\Program Files\Conexant\SA3\CxUtilSvc.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Program Files (x86)\Connectify\ConnectifyD.exeC:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exeC:\Program Files (x86)\Hotspot Shield\bin\hsswd.exec:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exeC:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exeC:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exeC:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\dashost.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeC:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\taskhostex.exeC:\Program Files (x86)\Garena Plus\ggdllhost.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exeC:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXEC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exeC:\Windows\System32\RuntimeBroker.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files\Elantech\ETDGesture.exeC:\Program Files\Conexant\SA3\SmartAudio3.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Internet Download Manager\IDMan.exeC:\Program Files (x86)\Internet Download Manager\IEMonitor.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: SuperAdBlockerBHO Class: {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dllBHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllBHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dllBHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLLBHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllBHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Super Ad Blocker Toolbar: {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabtb.dlluRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorunuRun: [uTorrent] "C:\Users\Mr. Merovingean\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZEDuRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunchuRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietuRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exeuRun: [Google Update] "C:\Users\Mr. Merovingean\AppData\Local\Google\Update\GoogleUpdate.exe" /cmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /RmRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"mRun: [Mart] C:\Program Files (x86)\QMT\Mart\Mart.exe -amRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startmRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe"mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentStartupFolder: C:\Users\MREF4A~1.MER\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exeIE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htmIE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htmIE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htmIE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dllIE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllTCP: NameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696} : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\1303261696278347F6F647 : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545 : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F523D2633343 : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630323 : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630343 : DHCPNameServer = Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\D4962716A6D264D223 : DHCPNameServer = text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: !SABWinLogon - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLLSSODL: WebCheck - <orphaned>SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000D7} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromeIFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dllx64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - LocalServer32 - <no file>x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exex64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /sx64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayAppx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>x64-IFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe".Note: multiple IFEO entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Local\Google\Update\\npGoogleUpdate3.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dllFF - ExtSQL: 2013-11-01 08:50; mozilla_cc@internetdownloadmanager.com; C:\Users\Mr. Merovingean\AppData\Roaming\IDM\idmmzcc5FF - ExtSQL: 2013-11-06 11:59; {3e9a3920-1b27-11da-8cd6-0800200c9a66}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}FF - ExtSQL: 2013-11-16 17:42; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.comFF - ExtSQL: 2013-11-26 00:04; {58d2a791-6199-482f-a9aa-9b725ec61362}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}FF - ExtSQL: 2013-12-04 15:13; afproxy@anchorfree.com; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com.---- FIREFOX POLICIES ----FF - user.js: browser.startup.page - 1FF - user.js: browser.newtab.url - .============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2013-9-8 56208]R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-20 92536]R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\Drivers\cnnctfy2.sys [2013-11-24 31344]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-9-7 283200]R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\Drivers\hssdrv6.sys [2013-11-16 44744]R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2012-8-2 28504]R1 klwfp;klwfp;C:\Windows\System32\Drivers\klwfp.sys [2013-1-14 50448]R1 kneps;kneps;C:\Windows\System32\Drivers\kneps.sys [2012-8-13 178448]R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-17 731688]R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2013-1-14 356128]R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-20 1091520]R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-20 1112000]R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-8-17 74616]R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-5-3 135952]R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-9-7 2568120]R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-11-24 65536]R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-11-20 109184]R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-11-2 906024]R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-11-2 555304]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-20 7168]R2 IDMWFP;IDMWFP;C:\Windows\System32\Drivers\idmwfp.sys [2013-10-30 174968]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-20 165760]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-7 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-7 701512]R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-11-1 1922600]R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-9-7 38392]R2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2013;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [2013-2-22 218248]R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-11-25 106472]R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2013-9-18 4241920]R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-10-25 32960]R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-20 1914728]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-8-29 2100024]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-31 16168]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-20 364416]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-11-20 110592]R3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-11-20 825344]R3 ETD;Dell Touchpad;C:\Windows\System32\Drivers\ETD.sys [2012-11-20 209744]R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-11-20 55848]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-20 342528]R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-8-10 25568]R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\Drivers\klkbdflt.sys [2013-1-14 29280]R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2013-1-14 29280]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-12-7 25928]R3 NETwNe64;@oem3.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-11-20 4273192]R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\Drivers\NMgamingms.sys [2009-7-24 11264]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2012-11-20 315536]R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-20 683664]R3 RzDxgk;RzDxgk;C:\Windows\System32\Drivers\RzDxgk.sys [2013-11-25 129472]R3 RzFilter;RzFilter;C:\Windows\System32\Drivers\RzFilter.sys [2013-11-25 74432]R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\Drivers\RzMaelstromVAD.sys [2013-9-18 40696]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\Drivers\tap0901t.sys [2013-12-1 31232]R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\Drivers\taphss6.sys [2013-10-16 42184]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-8-21 14112]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-7 14464]R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]S0 klelam;klelam;C:\Windows\System32\Drivers\klelam.sys [2012-7-27 29616]S1 SABDIFSV;SABDIFSV;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys [2005-9-22 5632]S1 SABKUTIL;SABKUTIL;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS [2007-2-21 32256]S1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\Drivers\uim_vimx64.sys [2012-11-23 390352]S2 PowerMon;Power Supply Monitor;cmd /c start cmd /c "ping -n 300 & C:\Windows\Temp\PowerMon\PowerMon.exe -o http://mining.eligius.st:9337 -O 12jgfM7qaFhKBYEz7KRjqdjBcz22d48bNh" --> cmd [?]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-19 2699568]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]S3 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-3-29 77352]S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-20 10752]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-7 1432400]S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-8-10 35296]S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-19 272176]S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-2 178824]S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-7 31800]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-20 517096]S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-12-1 758224]S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-31 149544]S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-8-10 48096]S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-8-10 188384]S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-8-17 397176]S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-8-17 384888]S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-8-8 199176]S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-1 2756944]S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-12 377104].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"FileExt: .vbs: VBSFile="C:\Windows\System32\WScript.exe" "%1" %* [userChoice]ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-12-07 13:32:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-12-07 12:36:10 -------- d-----w- C:\Windows\System32\wbem\repository2013-12-06 16:05:45 -------- d-----w- C:\ProgramData\Poser Pro2013-12-06 16:05:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser Pro2013-12-06 15:51:38 -------- d-----w- C:\uninstall2013-12-06 15:15:41 -------- d-----w- C:\Program Files\Smith Micro2013-12-06 15:15:41 -------- d-----w- C:\Program Files (x86)\Smith Micro2013-12-06 14:46:35 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\dll-files.com2013-12-06 14:46:28 -------- d-----w- C:\ProgramData\Logs2013-12-06 14:46:25 -------- d-----w- C:\Program Files (x86)\Dll-Files.com Fixer2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\DAZ2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\Common Files\DAZ2013-12-05 17:22:20 -------- d-----w- C:\Fraps2013-12-05 17:05:38 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser2013-12-05 15:18:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Malwarebytes2013-12-05 15:17:44 -------- d-----w- C:\ProgramData\Malwarebytes2013-12-05 15:17:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-05 15:11:12 -------- d-----w- C:\Program Files (x86)\FileASSASSIN2013-12-04 18:05:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\DAZ 3D2013-12-04 18:04:21 -------- d-----w- C:\ProgramData\DAZ 3D2013-12-04 18:04:20 -------- d-----w- C:\Program Files\DAZ 3D2013-12-04 18:04:06 -------- d-----w- C:\Program Files (x86)\DAZ 3D2013-12-04 09:50:03 -------- d-----w- C:\ProgramData\Origin2013-12-03 19:52:27 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller2013-12-03 19:51:58 -------- d-----w- C:\ProgramData\Package Cache2013-12-03 19:21:49 -------- d-----w- C:\BF42013-12-01 15:17:31 -------- d--h--w- C:\Games2013-12-01 03:47:47 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Tunngle2013-12-01 03:47:47 -------- d-----w- C:\ProgramData\Tunngle2013-12-01 03:47:46 31232 ----a-w- C:\Windows\System32\drivers\tap0901t.sys2013-12-01 03:47:44 -------- d-----w- C:\Program Files (x86)\Tunngle2013-11-30 12:11:04 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\CrystalIdea Software2013-11-28 08:30:12 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot2013-11-26 10:18:05 -------- d-----w- C:\Windows\SysWow64\Hotspot Shield2013-11-25 16:07:28 -------- d-----w- C:\Program Files\Unlocker2013-11-25 11:56:39 -------- d-----w- C:\Users\Mr. Merovingean\VirtualBox VMs2013-11-25 11:54:52 -------- d-----w- C:\Users\Mr. Merovingean\.VirtualBox2013-11-25 11:53:48 252688 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys2013-11-25 11:53:39 126736 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys2013-11-25 11:53:28 -------- d-----w- C:\Program Files\Oracle2013-11-24 17:31:19 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\CrashDumps2013-11-24 16:56:22 74432 ----a-w- C:\Windows\System32\drivers\RzFilter.sys2013-11-24 16:56:22 129472 ----a-w- C:\Windows\System32\drivers\RzDxgk.sys2013-11-24 16:55:58 -------- d-----w- C:\ProgramData\RzMaelstromVAD_1.1.47.15522013-11-24 16:53:29 -------- d-----w- C:\Windows\Razer Core2013-11-24 16:11:33 -------- d-----w- C:\Program Files (x86)\JDownloader2013-11-24 15:43:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Viber2013-11-24 14:17:41 31344 ----a-w- C:\Windows\System32\drivers\cnnctfy2.sys2013-11-24 14:16:51 -------- d-----w- C:\Program Files (x86)\Connectify2013-11-24 14:16:50 -------- d-----w- C:\ProgramData\Connectify2013-11-17 08:58:57 -------- d-----w- C:\Program Files (x86)\Common Files\WuShu_0.0.1.0652013-11-17 08:58:55 -------- d-----w- C:\Program Files (x86)\Common Files\AgeofWushu_download2013-11-16 18:13:33 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\LolClient2013-11-16 15:11:12 44744 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys2013-11-16 13:23:34 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll2013-11-16 13:23:34 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll2013-11-16 13:23:33 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll2013-11-16 13:22:11 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Riot Games2013-11-16 12:15:23 -------- d-----w- C:\ProgramData\Hotspot Shield2013-11-16 12:15:08 -------- d-----w- C:\Program Files (x86)\Hotspot Shield2013-11-16 12:14:59 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Hotspot Shield2013-11-16 12:09:22 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan2013-11-16 08:56:41 64856 ----a-w- C:\Windows\System32\klfphc.dll2013-11-16 08:55:22 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys2013-11-16 08:53:31 -------- d-----w- C:\ProgramData\Kaspersky Lab2013-11-16 08:52:46 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab2013-11-15 19:26:44 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C629A4-874B-4569-9EDB-45BD3E82970B}\mpengine.dll2013-11-15 12:56:22 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\.minecraft2013-11-08 11:26:30 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Avg20142013-11-08 03:33:54 40760 ----a-w- C:\Windows\System32\TURegOpt.exe2013-11-08 03:33:54 29496 ----a-w- C:\Windows\System32\authuitu.dll2013-11-08 03:33:54 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll2013-11-08 03:32:58 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 20142013-11-08 03:31:24 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}.==================== Find3M ====================.2013-11-16 09:42:27 50448 ----a-w- C:\Windows\System32\drivers\klwfp.sys2013-11-16 09:42:27 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys2013-11-16 09:42:24 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys2013-11-06 06:37:40 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-11-01 07:10:16 154896 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys2013-11-01 07:10:16 140560 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys2013-11-01 07:07:00 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll2013-10-26 20:35:22 174968 ----a-w- C:\Windows\System32\drivers\idmwfp.sys2013-10-16 01:44:40 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys2013-09-30 02:23:38 1174979 ----a-w- C:\Windows\apppatch\unins000.exe2013-09-18 01:47:32 69632 ----a-w- C:\Windows\System32\DriverInstallCA.dll2013-09-18 01:47:32 40696 ----a-w- C:\Windows\System32\drivers\RzMaelstromVAD.sys2013-09-18 01:47:32 245760 ----a-w- C:\Windows\System32\DriverInstallCACMD.exe2013-09-18 01:47:32 136704 ----a-w- C:\Windows\SysWow64\RzVAD.dll.============= FINISH: 21:59:29.36 ===============
  24. Okay so yesterday I unknowingly installed a virus onto my computer... This virus wouldn't allow me to delete it or anything... If I tried it would say "explorer.exe crashed" or something like that... I ended up using a program called Unlocker to delete it and then I scanned my computer twice with Malware Bytes, AVG, and Trend Micro Housecall. I am fairly confident the virus is removed now but what it left me with is very frustrating =( ... Now that the virus is gone I am left with some very concerning problems: 1. My Windows Firewall cannot be enabled, if I try to access it my PC says: "There was an error opening the Windows Firewall with Advanced Security snap-in". "The Windows Firewall with Advanced Security snap-in failed to load. Restart the Windows Firewall service on the computer that you are managing. Error code: 0x6D9". If I go to services.msc the "Windows Firewall" service isn't even listed on the page. 2. My Windows Defender cannot be started/found. 3. There is a problem in Windows Action Center. Now there may be other issues but I am unsure if there is... If someone can please help me out with this it would be very appreciated! If you would like a link to the download page of the virus I could give it to you as it is a RAR file but it will give you a VIRUS so.... I don't think that is such a great idea... Oh and I heard about a program called Sandboxie which I guess I will be using from now on if I ever install anything...
  25. I tried running MalwareBytes fully with Norton also installed. It appears my machine might have been even less secure as both applications provide firewall security linked to the standard Windows Firewall. But in my case the Windows Firewall was not enabled because of the clash between both programs. So my plan now is to have Norton fully running but use MalwareBytes for just scanning files downloaded. Thoughts?
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.