Jump to content

Search the Community

Showing results for tags 'me'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 14 results

  1. I am using windows 7. Every 2 minutes or so a notification in my lower right corner appeares from mwb saying Website blocked due to trojan. the website is 76236osm1.ru and the file is C:\Windows\SysWOW64\msiexec.exe I belive this is a msiexec trojan but i cannot remove it. malwarebytes doesnt detect it. the ip of the website didnt change yet i am seeing the same one verytime. Help me pls.
  2. So i just have this weird detection were avast detects different .exe files. I cant open chrome because of this.
  3. I have a virus on my computer and it make a loop with a pop up of "how do you want to open this file?" and it always appearing me.I have a print, and i already make the scan.Can you help me please? and here is my Farbar Recovery Scan Farbar Recovery Scan Tool (x64) Version: 26-10-2017 Ran by Ermin (28-10-2017 00:14:42) Running from D:\Downloads Boot Mode: Normal ================== Search Files: "krk.tmp" ============= ====== End of Search ====== PLS HELP
  4. I need immediate help! ok, my auto renewal is coming up in 7 days ! I had a update that kept bugging me to be installed for about 3 weeks. I ignored it because the last one was trouble too! so, after making sure my auto renewal was ready.. I gave in and installed the update. All that censoreding did was turn off my malwarebytes and my windows defender ! I am sick and tired of every censoreding time i install an update or renew something I have to trouble shoot crap with no phone customer support! someone help me solve this immediately! I censoreding hate technology. Its so damn frustrating! help me ! help me! I cant access my account! I have an update/auto renewal coming up in 7 days! help me! why dont you have any damn phone customer service? its like i have to pay you while i do the work. as you see in my screenshot, its in my start menu but i cant access anything
  5. Hello. I recently downloaded a file because I was stupid and got ratted. They bought stuff using my paypal. Good thing I canceled my credit card and refunded the payments. I reformated my whole computer but it said some personal files were not deleted. I scanned and couldn't find anything, right when I thought I was clean my PC shutdown. Help?! FRST.txt Addition.txt
  6. The only way i can actually see it is if i use chrome. It runs automatically and when i try to close the proccess it reopens it self after 5-10 minutes. While running it uses nearly 100% of my cpu. I was able to delete the file using the command prompt, but it seems it reinstalled itself almost immediately. Any help at all would be greatly appreciated.
  7. I'm not a huge computer wiz so please let me know if there is any addtl. info. I should provide. I have a windows 10/microsoft surface pro 4 with i5. So I had some virus on my computer which installed literally tons of random crap lol. Malaware and adware and I don't even know. Anyways, windows defender clearly wasn't working so I eventually got Malwarebytes. I ran a scan and it then prompted me to restart my computer so I did. Now I get this error message when I try to sign in. Previously, it signed me into a temporary account with the error message. Then I restarted with safe mode and now I just get the black screen with the error message. I can't access any of my files and I don't know what to do because I have two exams to study for and need my computer and am low key freaking out haha. Please help!!! Thanks so much in advanced. UPDATE: Still not working, but I was able to login to an administrator account in safe mode. I also changed my microsoft password (but the password that got me in was actually my old one lol). Now I'm running another scan with Malwarebytes through this admin safe mode account. No clue what I should do next, though, since I still can't access any of my files.
  8. Today, I've noticed that mbamservice.exe uses a lot of CPU. I've searched for a solution and all I've seen is that Malicious Website Blocking is the cause. Here is the CPU usage comparison when enabled and when disabled: WHEN ENABLED: WHEN DISABLED: How can I fix this?
  9. I just got your program about 1 day ago and I have been in love with it, I like how its user-friendly and very simplistic. One problem though, do I have to manually allow chrome to do stuff like browse? Right now I have chrome and firefox in a exclusions which is bad apparently because it is vulnerable. (Are there any ways around this?) About a hour ago I ran Malwarebytes on my 2 slow bogged down computers, and man did I get amazing results! Desktop scan results came up with 400 Non-Malware files detected and zero Malicious files. Laptop scan results came up with 390 Non-Malware files detected and 15 Malicious files. I then proceed to quarantine and delete the files, then I do a restart. When they started up they felt as they were basically new and I was completely amazed at how fast they were. This saved me alot of headache I thought that the computers just had alot of files and needed to be cleaned out but man was I wrong. I would like to thank all of the dev's who made the software. So I just wanted to share my story and thats really all that I have to say!
  10. Please... I have tried to get rid of the malware on my computer with your program, yet it never yields effective, and just rewrites all the files and folders MBAM deleted within minutes... i dont know how to get or post any logs or anything, if you give me instruction i will GLADLY comply 100%.... Recently I fell for the SkypEmoticons download, this then caused me to recieve Trovi, yet another adware (i think thats what these things are called) and then THAT caused me to get YAC, as a friend said he used it for the Trovi thing once. YAC then allowed "Klip Pal" to install without my acknowledgement upon opening Internet Explorer.... So i rushed to get MBAM, knowing that you all are VERY good at what you do. All this being said, i booted into Safe Mode and ran hyper scan, which found a few things, so i quarantined, and deleted, then i ran a full scan, this got more things, AND EVEN GOT SKYPEMOTICONS!!! But within seconds SE.exe was back again... Long story short, i have malware, please help.
  11. So i think i am infected, i have the premium version of mwb but it doesent start, niether does the chameleon, re-installing just gives me a ton of errors and i have tried hitmanpro, tdsskiller and adwcleaner after skiming the internet for some sort of solution. Restarting pc with failsafe and starting chameleon does not help either, it just tells me that mwb failed to load and scan failed to scan. I got a mail that one of my other unused mails were being changed and i have a safty precaution that all changes needs to be cleared by my whilst using a code sent to my phone, and thus i suspected foul play and tried to start mwb but alas, it did not work. did this farbar recovery thing, dont know if i am supposed to cpy/paste the lot but i will do it anyway, also have them both on attachements. Have a genuine win 8.1 64bit, and the p2p has been uninstalled as ordered, but i did it after the scan, dont know if that is a dealbreaker or not? If it is i can redo the scan if that is the case to prove i have it uninstalled, if it somehow shos...i dont know =/ Also i am a swede so please mind my bad spelling. With kind regards / S Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-07-2014Ran by Gulsot (administrator) on GULAN on 26-07-2014 01:10:45Running from C:\Users\Gulsot\DownloadsPlatform: Windows 8.1 Pro (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe() C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-05-22] (Advanced Micro Devices, Inc.)HKU\.DEFAULT\...\RunOnce: [AOD] => C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-05-22] (Advanced Micro Devices, Inc.)HKU\S-1-5-21-2526743155-474704892-3361750059-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)HKU\S-1-5-21-2526743155-474704892-3361750059-1001\...\Run: [spotify Web Helper] => C:\Users\Gulsot\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-05] (Spotify Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.se.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x15A78F9244A4CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE,sv;q=0.5SearchScopes: HKLM-x32 - DefaultScope value is missing.BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cabDPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cabDPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.0.1.5 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-05-22] (Advanced Micro Devices, Inc.) [File not signed]S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-05-26] (Creative Labs) [File not signed]S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-05-26] (Creative Labs) [File not signed]R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2009-08-28] (Creative Technology Ltd) [File not signed]R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-07-01] ()R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-26] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-26] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-26] (Microsoft Corporation)R3 WRfiltv; C:\Windows\system32\drivers\WRfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-26 01:10 - 2014-07-26 01:10 - 00008281 _____ () C:\Users\Gulsot\Downloads\FRST.txt2014-07-26 01:10 - 2014-07-26 01:10 - 00000000 ____D () C:\FRST2014-07-26 01:09 - 2014-07-26 01:10 - 02093568 _____ (Farbar) C:\Users\Gulsot\Downloads\FRST64.exe2014-07-26 01:09 - 2014-07-26 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-07-26 01:09 - 2014-07-26 01:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-26 01:09 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-07-26 01:09 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-07-26 01:09 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-07-26 01:08 - 2014-07-26 01:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Gulsot\Downloads\mbam-setup-2.0.2.1012.exe2014-07-26 01:02 - 2014-07-26 01:04 - 00000612 _____ () C:\WINDOWS\PFRO.log2014-07-26 01:01 - 2014-07-26 01:04 - 00000000 ____D () C:\AdwCleaner2014-07-26 01:01 - 2014-07-26 01:01 - 01354223 _____ () C:\Users\Gulsot\Downloads\AdwCleaner.exe2014-07-26 00:49 - 2014-07-26 00:49 - 00000000 _____ () C:\WINDOWS\WindowsUpdate.log2014-07-26 00:35 - 2014-07-26 00:37 - 00000000 ____D () C:\ProgramData\HitmanPro2014-07-26 00:35 - 2014-07-26 00:35 - 00000000 ____D () C:\Program Files\HitmanPro2014-07-26 00:34 - 2014-07-26 00:35 - 11188736 _____ (SurfRight B.V.) C:\Users\Gulsot\Downloads\HitmanPro_x64.exe2014-07-26 00:32 - 2014-07-26 00:32 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gulsot\Downloads\tdsskiller.exe2014-07-26 00:25 - 2014-07-26 00:25 - 00002774 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-07-26 00:25 - 2014-07-26 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-07-26 00:25 - 2014-07-26 00:25 - 00000000 ____D () C:\Program Files\CCleaner2014-07-25 12:40 - 2014-07-25 12:40 - 00000000 ____D () C:\Users\Gulsot\Documents\Firefall2014-07-25 12:40 - 2014-07-25 12:40 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\Red 5 Studios2014-07-22 19:39 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-07-22 19:39 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-07-22 19:39 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-07-16 20:51 - 2014-07-16 20:51 - 00000000 ____D () C:\ProgramData\Riot Games2014-07-10 21:45 - 2014-07-10 21:45 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-07-10 21:45 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll2014-07-10 10:57 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe2014-07-10 10:57 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe2014-07-10 10:57 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-07-10 10:57 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys2014-07-10 10:57 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys2014-07-10 10:57 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll2014-07-10 10:57 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll2014-07-10 10:57 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll2014-07-10 10:57 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll2014-07-10 10:57 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2014-07-10 10:56 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-07-10 10:56 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-07-10 10:56 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll2014-07-10 10:56 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-07-10 10:56 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-07-10 10:56 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-07-10 10:56 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-07-10 10:56 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-07-10 10:56 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-07-10 10:56 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-07-10 10:56 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2014-07-10 10:56 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-07-10 10:56 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-07-10 10:56 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-07-10 10:56 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-07-10 10:56 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-07-10 10:56 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-07-10 10:56 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-07-10 10:56 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-07-10 10:56 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2014-07-10 10:56 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-07-10 10:56 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-07-10 10:56 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-07-10 10:56 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-07-10 10:56 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-07-10 10:56 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-07-10 10:56 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-07-10 10:56 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-07-10 10:56 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-07-10 10:56 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-07-10 10:56 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll2014-07-10 10:56 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll2014-07-10 10:56 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2014-07-10 10:56 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll2014-07-10 10:56 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2014-07-10 10:56 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2014-07-10 10:56 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-07-10 10:56 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll2014-07-10 10:56 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll2014-07-10 10:56 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-07-10 10:56 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll2014-07-10 10:56 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll2014-07-10 10:56 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2014-07-10 10:56 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll2014-07-10 10:56 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2014-07-10 10:56 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll2014-07-10 10:56 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2014-07-10 10:55 - 2014-07-10 10:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe2014-07-07 20:36 - 2014-07-07 20:36 - 00000000 ____D () C:\WINDOWS\system32\appmgmt2014-06-27 20:20 - 2014-07-01 21:10 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\PAYDAY 22014-06-27 20:20 - 2014-06-27 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-27 20:20 - 2014-06-27 20:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies2014-06-26 18:48 - 2014-06-26 18:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-26 01:10 - 2014-07-26 01:10 - 00008281 _____ () C:\Users\Gulsot\Downloads\FRST.txt2014-07-26 01:10 - 2014-07-26 01:10 - 00000000 ____D () C:\FRST2014-07-26 01:10 - 2014-07-26 01:09 - 02093568 _____ (Farbar) C:\Users\Gulsot\Downloads\FRST64.exe2014-07-26 01:09 - 2014-07-26 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-07-26 01:09 - 2014-07-26 01:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-26 01:09 - 2014-05-25 22:12 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2526743155-474704892-3361750059-10012014-07-26 01:09 - 2014-03-18 12:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-07-26 01:08 - 2014-07-26 01:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Gulsot\Downloads\mbam-setup-2.0.2.1012.exe2014-07-26 01:05 - 2014-05-26 02:05 - 00000000 ____D () C:\Users\Gulsot\AppData\Roaming\Skype2014-07-26 01:04 - 2014-07-26 01:02 - 00000612 _____ () C:\WINDOWS\PFRO.log2014-07-26 01:04 - 2014-07-26 01:01 - 00000000 ____D () C:\AdwCleaner2014-07-26 01:04 - 2014-05-26 01:48 - 00000000 __RDO () C:\Users\Gulsot\OneDrive2014-07-26 01:04 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-07-26 01:04 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2014-07-26 01:01 - 2014-07-26 01:01 - 01354223 _____ () C:\Users\Gulsot\Downloads\AdwCleaner.exe2014-07-26 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-07-26 00:54 - 2014-05-26 12:17 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2014-07-26 00:49 - 2014-07-26 00:49 - 00000000 _____ () C:\WINDOWS\WindowsUpdate.log2014-07-26 00:37 - 2014-07-26 00:35 - 00000000 ____D () C:\ProgramData\HitmanPro2014-07-26 00:35 - 2014-07-26 00:35 - 00000000 ____D () C:\Program Files\HitmanPro2014-07-26 00:35 - 2014-07-26 00:34 - 11188736 _____ (SurfRight B.V.) C:\Users\Gulsot\Downloads\HitmanPro_x64.exe2014-07-26 00:32 - 2014-07-26 00:32 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gulsot\Downloads\tdsskiller.exe2014-07-26 00:26 - 2014-06-22 02:44 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E00126B-CF8D-4F13-A63A-9E43C0DD91ED}2014-07-26 00:26 - 2014-05-26 11:52 - 00000000 ____D () C:\Users\Gulsot\AppData\Roaming\uTorrent2014-07-26 00:25 - 2014-07-26 00:25 - 00002774 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-07-26 00:25 - 2014-07-26 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-07-26 00:25 - 2014-07-26 00:25 - 00000000 ____D () C:\Program Files\CCleaner2014-07-25 12:40 - 2014-07-25 12:40 - 00000000 ____D () C:\Users\Gulsot\Documents\Firefall2014-07-25 12:40 - 2014-07-25 12:40 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\Red 5 Studios2014-07-23 23:05 - 2014-05-26 09:51 - 00000000 ____D () C:\Users\Gulsot\AppData\Roaming\vlc2014-07-23 00:13 - 2014-05-26 09:17 - 00000000 ____D () C:\Users\Gulsot\AppData\Roaming\Spotify2014-07-22 23:14 - 2014-05-26 09:18 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\Spotify2014-07-22 19:50 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-07-22 19:32 - 2014-06-03 11:13 - 00003822 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14010577192014-07-22 19:32 - 2014-05-26 00:41 - 00000000 ____D () C:\Program Files (x86)\Opera2014-07-20 12:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-07-19 20:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache2014-07-19 20:16 - 2014-06-01 21:59 - 00370688 ___SH () C:\Users\Gulsot\Desktop\Thumbs.db2014-07-19 18:27 - 2014-05-26 14:24 - 00000000 ____D () C:\ProgramData\Origin2014-07-19 15:49 - 2014-05-26 14:24 - 00000000 ____D () C:\Program Files (x86)\Origin2014-07-19 01:53 - 2014-05-26 01:39 - 00000000 ____D () C:\Users\Gulsot2014-07-18 23:58 - 2014-06-08 17:27 - 00000000 ____D () C:\WINDOWS\Minidump2014-07-18 00:29 - 2014-05-26 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN2014-07-17 00:26 - 2013-08-22 13:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll2014-07-17 00:26 - 2013-08-22 13:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe2014-07-17 00:26 - 2013-08-22 13:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll2014-07-17 00:26 - 2013-08-22 13:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll2014-07-17 00:26 - 2013-08-22 13:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll2014-07-17 00:26 - 2013-08-22 06:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll2014-07-17 00:26 - 2013-08-22 06:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe2014-07-17 00:26 - 2013-08-22 05:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll2014-07-17 00:26 - 2013-08-22 05:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll2014-07-17 00:26 - 2013-08-22 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe2014-07-17 00:26 - 2013-08-22 05:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll2014-07-17 00:26 - 2013-08-22 05:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll2014-07-17 00:26 - 2013-08-22 05:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll2014-07-17 00:26 - 2013-08-22 05:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll2014-07-17 00:25 - 2014-05-26 02:03 - 00000000 ____D () C:\ProgramData\Package Cache2014-07-16 20:51 - 2014-07-16 20:51 - 00000000 ____D () C:\ProgramData\Riot Games2014-07-16 19:01 - 2014-05-26 11:45 - 00000000 ____D () C:\ProgramData\pms-mlx2014-07-16 11:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports2014-07-11 03:18 - 2013-08-22 16:44 - 00366352 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-07-11 03:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-07-11 03:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-07-11 03:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-07-11 03:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore2014-07-10 21:46 - 2014-05-25 23:12 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-07-10 21:46 - 2014-05-25 23:12 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-07-10 21:45 - 2014-07-10 21:45 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-07-10 21:45 - 2014-03-18 11:46 - 00000000 ____D () C:\Program Files\Windows Journal2014-07-10 10:55 - 2014-07-10 10:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe2014-07-10 06:16 - 2014-07-22 19:39 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-07-10 06:03 - 2014-07-22 19:39 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-07-10 05:33 - 2014-07-22 19:39 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-07-08 18:54 - 2014-05-26 12:17 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater2014-07-07 20:36 - 2014-07-07 20:36 - 00000000 ____D () C:\WINDOWS\system32\appmgmt2014-07-06 16:21 - 2014-05-27 16:33 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr2014-07-06 16:21 - 2014-05-27 01:32 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe2014-07-06 16:21 - 2014-05-27 01:32 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex02014-07-04 21:35 - 2014-05-28 02:02 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\Warframe2014-07-02 18:14 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2014-07-01 21:10 - 2014-06-27 20:20 - 00000000 ____D () C:\Users\Gulsot\AppData\Local\PAYDAY 22014-07-01 14:10 - 2014-05-27 01:32 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe2014-07-01 00:45 - 2014-07-10 10:56 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-06-28 09:48 - 2014-07-10 10:56 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-06-28 09:07 - 2014-07-10 10:56 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll2014-06-27 20:20 - 2014-06-27 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-27 20:20 - 2014-06-27 20:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2014-06-26 18:48 - 2014-06-26 18:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf Some content of TEMP:====================C:\Users\Gulsot\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-20 13:46 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2014Ran by Gulsot at 2014-07-26 01:11:04Running from C:\Users\Gulsot\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)AMD Accelerated Video Transcoding (Version: 13.30.100.40522 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Control Center (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Install Manager (HKLM\...\{8D95B61A-9759-40F7-69BF-54DCE6675143}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)AMD Fuel (Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenAsmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.0.1.5 - Finansiell ID-Teknik BID AB)Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )Creative System Information (HKLM-x32\...\SysInfo) (Version: - )Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)Firefall (HKLM-x32\...\Steam App 227700) (Version: - Red 5 Studios)Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) HiddenIntel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.1.400 - Intel Corporation)League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenMalwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)OpenOffice 4.1.0 (HKLM-x32\...\{CAF8E597-0665-4AAF-8F3C-234F7EE6BB03}) (Version: 4.10.9764 - Apache Software Foundation)Opera Stable 23.0.1522.60 (HKLM-x32\...\Opera 23.0.1522.60) (Version: 23.0.1522.60 - Opera Software ASA)Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)Ps3 Media Server MLX (HKLM-x32\...\Ps3 Media Server MLX) (Version: 1.90.2-mlx-1.0 - PS3 Media Server MLX)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version: - Frozenbyte)Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)Sound Blaster World of Warcraft Headset (HKLM-x32\...\{0429B343-D023-4524-89BC-0478E0D9E3C3}) (Version: 1.0 - Creative Technology Limited)Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.8 - Ubisoft)Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 07-07-2014 18:36:12 Removed Windows 7 USB/DVD Download Tool10-07-2014 19:44:56 Windows Update16-07-2014 22:25:42 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.6061022-07-2014 17:50:32 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {0DFADE1A-713E-4673-9E8B-9938AF031D4D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {3251C08F-324A-41C6-A01A-36673102CC62} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)Task: {38AAF89E-7CEA-4156-9ED9-4CDDF3D9E72D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUploadTask: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {4CA133BC-4550-4CAC-83BD-D98D6F8BE1E8} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)Task: {5E4D4644-6BD5-494F-AA86-172210771C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {71317277-126B-4C52-9F88-D96CBE8C765C} - System32\Tasks\Microsoft\Windows\DiskFootprint\DiagnosticsTask: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {74E64FA2-8C91-4EA6-A853-412BC394A8D6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauservTask: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {9B013204-027D-439B-9F2E-7806C7019EA2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {A08CAA66-1D00-479E-86EE-B42E4D42C208} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ManagementTask: {B182DB43-4F73-452A-BDF7-28004268C81A} - System32\Tasks\Opera scheduled Autoupdate 1401057719 => C:\Program Files (x86)\Opera\launcher.exe [2014-07-18] (Opera Software)Task: {C5511CAF-1880-42F4-A0FC-ADC8F1633642} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ValidationTask: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {FF3E01E8-42BE-46E4-ADF1-A49674F145D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-10] (Microsoft Corporation)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-22 21:59 - 2014-05-22 21:59 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll2014-05-27 01:32 - 2014-07-01 14:10 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe2014-05-22 21:59 - 2014-05-22 21:59 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll2014-07-22 19:32 - 2014-07-22 19:32 - 01401464 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe2014-07-22 19:32 - 2014-07-22 19:32 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\libglesv2.dll2014-07-22 19:32 - 2014-07-22 19:32 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\libegl.dll2014-07-22 19:32 - 2014-07-22 19:32 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Gulsot\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Adobe ARM"HKCU\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/26/2014 01:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1258Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:50:57 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x910Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:50:07 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1048Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:49:17 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1184Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:48:28 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x7d8Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:45:43 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x7f0Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:43:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x770Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:42:41 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x7e4Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:41:59 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x564Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (07/26/2014 00:23:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1264Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 System errors:=============Error: (07/26/2014 01:04:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AODDriver4.3 service failed to start due to the following error: %%2 Error: (07/26/2014 01:04:17 AM) (Source: DCOM) (EventID: 10010) (User: GULAN)Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/26/2014 01:03:03 AM) (Source: DCOM) (EventID: 10016) (User: GULAN)Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GulanGulsotS-1-5-21-2526743155-474704892-3361750059-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (07/26/2014 01:03:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AODDriver4.3 service failed to start due to the following error: %%2 Error: (07/26/2014 00:48:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AODDriver4.3 service failed to start due to the following error: %%2 Error: (07/26/2014 00:48:36 AM) (Source: DCOM) (EventID: 10010) (User: GULAN)Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/26/2014 00:48:36 AM) (Source: DCOM) (EventID: 10010) (User: GULAN)Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/26/2014 00:48:36 AM) (Source: DCOM) (EventID: 10005) (User: GULAN)Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030} Error: (07/26/2014 00:48:36 AM) (Source: DCOM) (EventID: 10005) (User: GULAN)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (07/26/2014 00:48:25 AM) (Source: DCOM) (EventID: 10005) (User: GULAN)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Microsoft Office Sessions:=========================Error: (07/26/2014 01:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd125801cfa85d79e8af0cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllb7d25f22-1450-11e4-beb4-bcee7b59800d Error: (07/26/2014 00:50:57 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd91001cfa85ae58609f9C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll23696c18-144e-11e4-beb2-bcee7b59800d Error: (07/26/2014 00:50:07 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd104801cfa85ac8175774C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll05f12f9d-144e-11e4-beb2-bcee7b59800d Error: (07/26/2014 00:49:17 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd118401cfa85aaa22687eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlle8207bad-144d-11e4-beb2-bcee7b59800d Error: (07/26/2014 00:48:28 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7d801cfa85a8cf8d174C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllcac92065-144d-11e4-beb1-bcee7b59800d Error: (07/26/2014 00:45:43 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7f001cfa85a2aae00c1C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll687001fe-144d-11e4-beb1-bcee7b59800d Error: (07/26/2014 00:43:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd77001cfa859dab75803C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll187bbb5e-144d-11e4-beb1-bcee7b59800d Error: (07/26/2014 00:42:41 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7e401cfa859be080981C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllfbcc6ceb-144c-11e4-beb1-bcee7b59800d Error: (07/26/2014 00:41:59 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd56401cfa859a51005c3C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlle301b5db-144c-11e4-beb1-bcee7b59800d Error: (07/26/2014 00:23:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd126401cfa8571fa3cbf7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll5d696d1f-144a-11e4-beb0-bcee7b59800d ==================== Memory info =========================== Percentage of memory in use: 33%Total physical RAM: 4011.71 MBAvailable physical RAM: 2684.51 MBTotal Pagefile: 4971.71 MBAvailable Pagefile: 3090.88 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.53 GB) (Free:47.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: () (Fixed) (Total:232.88 GB) (Free:74.17 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (Legion) (Fixed) (Total:232.88 GB) (Free:69.58 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 6D7F67BC)Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 6E5DB163)Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS) ========================================================Disk: 2 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: DAA0868E)Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Addition.txt FRST.txt
  12. Hello everyone My teenage son decided to download Vuze onto my laptop last night and when i logged on this morning and went on the internet all my searches were being redirected though yahoo and its really annoying. I did some searching and saw a program called spiggot in a bunch of files. So i went into C:\Program Files (x86)\Common Files and found a spiggot folder and deleted it but it's still going through yahoo. Ive had this happen to my laptop before and i just did a complete system restore on the computer. I would like to somehow remove it though this time because i have important documents saved on here that i cannot move. Anyone have any suggestions?
  13. I'm infected with malware and I have no idea how to remove it. One day I tried going to gmtower.org, but I accidentally went to gmtower.com (typosquatter). The website installed a fake version of SUPERantispyware which placed "Gay Fetish Porn.url" on my desktop every time I started my computer. Malwarebytes hardly ever opens now, because the malware keeps blocking it. And when it does, malwarebytes doesn't detect anything because I believe the malware has made it void. My other antivirus doesn't start and is taking up 79% of my computer's CPU. I then installed and ran a fresh copy of Spybot S&D, which detected the malware, but refused to remove it. I really have no idea what the file is called, but I do know that it has a .vbs extension and that it is located in a .rar archive. If anyone has any removal tips, please don't hesitate to post them. As soon as I can find the malware in its folder, I will provide a sample.
  14. Look install malwarebytes and I started to block ips and I lock my games i some Internet sites. uninstall it and I still can play online games and locked pages. What do I do? Sorry for the bad English I'm from chile thanks for your help if you help me i love you forever
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.