opacupa Posted May 15, 2013 ID:679806 Share Posted May 15, 2013 Hey all!Like I've said, every single browser randomly crashes on my desktop PC! I've tryed Chrome, Firefox (Nightly 64bit), Maxthon Cloud, IE 9... All browsers were the latest version, updated regulary! I've just completed Malwarebaytes full scan, but nothing was found, and my antivirus is MSE, also updated to latest version.Does anyone have any idea what could be the cause of these crashes, and how to deal with them?If any more scans are necessary, please tell me and I'll post back all the logs! I've attached latest mbam full scan log, hope it helpes!Cheers guys!mbam-log-2013-05-15 (14-54-25).txt Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679807 Share Posted May 15, 2013 Hello opacupa! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Please follow the instructions here and post your log files:http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679812 Share Posted May 15, 2013 Thanx mate!Here are the logs:DDSDDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer:Run by Gosa at 15:47:54 on 2013-05-15Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.6339 [GMT 2:00].AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Program Files (x86)\TuneUp Utilities\TuneUpUtilitiesService64.exeC:\Windows\system32\vssvc.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\Dwm.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\Program Files (x86)\TuneUp Utilities\TuneUpUtilitiesApp64.exeC:\Windows\Explorer.EXEC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\SVP\SVPMgr.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\Nightly\firefox.exec:\Program Files\Microsoft Security Client\MpCmdRun.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dlluRun: [sVPMgr] "C:\Program Files (x86)\SVP\SVPMgr.exe"mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /smPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-Windows\System: UseOEMBackground = dword:1IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 89.216.1.40 89.216.1.50TCP: Interfaces\{0DB4CB06-0D3B-4E40-B9B6-15A5F8D6A372} : DHCPNameServer = 89.216.1.40 89.216.1.50Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllIFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: groove.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: infopath.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: msaccess.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: groove.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: infopath.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: msaccess.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe".Note: multiple IFEO entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\FF - prefs.js: network.proxy.type - 4FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dllFF - ExtSQL: 2013-05-14 20:27; support@lastpass.com; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\support@lastpass.comFF - ExtSQL: 2013-05-14 20:29; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpiFF - ExtSQL: 2013-05-14 20:37; mytube@ashishmishra.in; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\mytube@ashishmishra.in.xpiFF - ExtSQL: 2013-05-15 15:02; firegestures@xuldev.org; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\firegestures@xuldev.org.xpi.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities\TuneUpUtilitiesService64.exe [2012-9-17 2365792]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-16 769168]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities\TuneUpUtilitiesDriver64.sys [2012-8-29 11880]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-16 19456]S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-16 29696]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-16 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-16 30208]S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-16 1255736].=============== Created Last 30 ================.2013-05-15 13:23:46 -------- d-----w- C:\Program Files\Nightly2013-05-14 19:28:13 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56C9C6C3-405D-4EBF-AF0A-215E58348365}\offreg.dll2013-05-14 19:27:40 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56C9C6C3-405D-4EBF-AF0A-215E58348365}\mpengine.dll2013-05-14 18:26:23 -------- d-----w- C:\Users\Gosa\AppData\Local\Mozilla2013-05-14 13:56:21 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-05-13 17:04:20 -------- d-----w- C:\Users\Gosa\AppData\Roaming\SVP 3.12013-05-13 17:04:16 406016 ----a-w- C:\Windows\SysWow64\avisynth.dll2013-05-13 17:04:14 -------- d-----w- C:\Program Files (x86)\SVP2013-05-11 14:56:51 -------- d-----w- C:\Users\Gosa\AppData\Local\Facebook2013-05-11 08:27:24 -------- d-----w- C:\ProgramData\Voksi2013-05-05 22:26:58 -------- d-----w- C:\Users\Gosa\AppData\Local\AdFender2013-04-27 17:15:06 -------- d-----w- C:\Users\Gosa\AppData\Local\Apple Computer2013-04-27 17:14:30 -------- d-----w- C:\Users\Gosa\AppData\Local\Apple2013-04-26 18:41:16 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-04-26 18:41:16 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-04-26 18:39:45 -------- d-----w- C:\Users\Gosa\AppData\Local\Opera2013-04-25 15:49:26 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities2013-04-23 19:34:24 -------- d-----w- C:\Windows\SysWow64\searchplugins2013-04-23 19:34:24 -------- d-----w- C:\Windows\SysWow64\Extensions2013-04-23 19:33:47 -------- d-----w- C:\Users\Gosa\AppData\Roaming\Babylon2013-04-23 19:33:47 -------- d-----w- C:\ProgramData\Babylon2013-04-23 19:33:32 -------- d-----w- C:\ProgramData\Tarma Installer2013-04-23 19:33:28 -------- d-----w- C:\Program Files (x86)\FirstRowSportApp.com2013-04-23 18:46:15 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-04-23 18:46:15 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02CC83E1-5AC3-4B83-B077-4BF8B1281223}\gapaengine.dll2013-04-23 18:46:12 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-17 18:29:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-04-17 18:29:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-04-17 18:23:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client2013-04-17 18:23:13 -------- d-----w- C:\Program Files\Microsoft Security Client2013-04-17 18:09:26 -------- d-----w- C:\Users\Gosa\AppData\Local\Secunia PSI2013-04-17 18:09:18 -------- d-----w- C:\Program Files (x86)\Secunia2013-04-16 14:11:12 34656 ----a-w- C:\Windows\System32\TURegOpt.exe2013-04-16 14:11:12 25952 ----a-w- C:\Windows\System32\authuitu.dll2013-04-16 14:11:11 21344 ----a-w- C:\Windows\SysWow64\authuitu.dll2013-04-16 14:10:40 -------- d-----w- C:\Users\Gosa\AppData\Roaming\TuneUp Software2013-04-16 14:10:25 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 20132013-04-16 14:09:20 -------- d-----w- C:\ProgramData\TuneUp Software2013-04-16 14:09:02 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}2013-04-16 14:09:02 -------- d--h--w- C:\ProgramData\Common Files2013-04-16 13:35:08 -------- d-----w- C:\Windows\System32\drivers\NISx64\1403010.016.==================== Find3M ====================.2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-03-20 17:39:39 4608 ----a-w- C:\Windows\SysWow64\w95inf32.dll2013-03-20 17:39:39 2272 ----a-w- C:\Windows\SysWow64\w95inf16.dll2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe2013-03-03 13:19:19 0 ----a-w- C:\Windows\ativpsrm.bin2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb.============= FINISH: 15:48:11.45 ===============.ATTACHUNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 UltimateBoot Device: \Device\HarddiskVolume1Install Date: 3/3/2013 1:57:27 PMSystem Uptime: 5/15/2013 2:53:02 PM (1 hours ago).Motherboard: MSI | | H61M-P22 (MS-7680)Processor: Intel® Core i3-2100 CPU @ 3.10GHz | SOCKET 0 | 3100/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 466 GiB total, 193.601 GiB free.D: is CDROM ()F: is FIXED (NTFS) - 0 GiB total, 0.062 GiB free.G: is CDROM ().==== Disabled Device Manager Items =============.Class GUID:Description: SM Bus ControllerDevice ID: PCI\VEN_8086&DEV_1C22&SUBSYS_76801462&REV_05\3&11583659&0&FBManufacturer:Name: SM Bus ControllerPNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_76801462&REV_05\3&11583659&0&FBService:.==== System Restore Points ===================.RP73: 5/12/2013 4:00:51 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022RP74: 5/14/2013 3:56:01 PM - Windows UpdateRP76: 5/14/2013 8:42:45 PM - Removed Facebook Messenger 2.1.4814.0RP77: 5/15/2013 11:42:26 AM - Windows Update.==== Image File Execution Options =============.IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: groove.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: infopath.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: msaccess.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: mspub.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: offdiag.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: ois.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: onenote.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: outlook.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: powerpnt.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: vscontentinstaller.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: vslauncher.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"IFEO: winword.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: groove.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: infopath.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: msaccess.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: mspub.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: offdiag.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: ois.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: onenote.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: outlook.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: powerpnt.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: vscontentinstaller.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: vslauncher.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe"x64-IFEO: winword.exe - "C:\Program Files (x86)\TuneUp Utilities\TUAutoReactivator64.exe".==== Installed Programs ======================.µTorrent7-Zip 9.20 (x64 edition)Adobe Flash Player 11 PluginAMD Accelerated Video TranscodingAMD APP SDK RuntimeAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD Media Foundation DecodersAviSynth 2.5Bejeweled 3Black Mirror 3Catalyst Control CenterCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishDaum PotPlayer 1.5.35491ffdshow v1.3.4500 [2013-01-06]Fieldrunners 2Foxit PhantomHaali Media SplitterMalwarebytes Anti-Malware version 1.75.0.1300Mars War Logs version 1.00Microsoft .NET Framework 4.5Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Nightly 24.0a1 (x64 en-US)Resident. Evil 6Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687499) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760416) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit EditionSkype™ 6.3SmoothVideo Project version 3.1.4Syberia 1 1.00TuneUp Utilities 2013TuneUp Utilities Language Pack (en-US)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)UplayVirtualCloneDrive.==== Event Viewer Messages From Past Week ========.5/9/2013 5:17:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000001b524c, 0x0000000000000002, 0x000000000022388b). A dump was saved in: C:\Windows\Minidump\050913-23571-01.dmp. Report Id: 050913-23571-01.5/15/2013 2:58:41 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.5/15/2013 11:43:58 AM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.5/13/2013 9:46:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0121fb4e0, 0x0000000000000000, 0xfffff80002aea500, 0x0000000000000002). A dump was saved in: C:\Windows\Minidump\051313-20623-01.dmp. Report Id: 051313-20623-01.5/13/2013 9:44:31 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 9:23:58 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/13/2013 6:45:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffff8a00b7a6000, 0xfffff8a00b7a6250, 0x0000000005250000). A dump was saved in: C:\Windows\Minidump\051313-27534-01.dmp. Report Id: 051313-27534-01.5/13/2013 4:57:45 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.5/13/2013 4:57:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver has successfully restarted.5/13/2013 4:57:37 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: process:pid:47045/13/2013 4:57:37 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/13/2013 4:57:37 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/13/2013 4:57:37 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/13/2013 4:49:21 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.5/13/2013 4:49:09 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Program Files (x86)\PotPlayer\Uninstall.exe5/11/2013 11:11:51 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.5/10/2013 6:54:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error: An instance of the service is already running.5/10/2013 6:54:21 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver has successfully restarted.5/10/2013 6:54:19 PM, Error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: process:pid:29805/10/2013 6:54:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/10/2013 6:54:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.5/10/2013 6:54:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly..==== End Of File =========================== Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679815 Share Posted May 15, 2013 Oh and I have uTorrent installed, but I will not be using it during your help! Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679819 Share Posted May 15, 2013 Step 1Please uninstall the following applications:µTorrentTuneUp Utilities 2013TuneUp Utilities Language Pack (en-US)Step 2Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 3Please download AdwCleaner from here and save it on your Desktop. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.Now click on the Search tab.Please post the contents of the log-file created in your next post.Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.In your next reply, post the following log files:Junkware Removal Tool logAdwCleaner loga new fresh DDS log Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679824 Share Posted May 15, 2013 Ok, I've uninstalled uTorrent and TuneUp utilities, and ran the tests. Here are all the logs:JRT~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Ultimate x64Ran by Gosa on Wed 05/15/2013 at 16:14:17.00~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownloadSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylonSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbarFailed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngrFailed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngrFailed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.capSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancsFailed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngrSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}~~~ FilesSuccessfully deleted: [File] C:\eula.1028.txtSuccessfully deleted: [File] C:\eula.1031.txtSuccessfully deleted: [File] C:\eula.1033.txtSuccessfully deleted: [File] C:\eula.1036.txtSuccessfully deleted: [File] C:\eula.1040.txtSuccessfully deleted: [File] C:\eula.1041.txtSuccessfully deleted: [File] C:\eula.1042.txtSuccessfully deleted: [File] C:\eula.2052.txtSuccessfully deleted: [File] C:\install.res.1028.dllSuccessfully deleted: [File] C:\install.res.1031.dllSuccessfully deleted: [File] C:\install.res.1033.dllSuccessfully deleted: [File] C:\install.res.1036.dllSuccessfully deleted: [File] C:\install.res.1040.dllSuccessfully deleted: [File] C:\install.res.1041.dllSuccessfully deleted: [File] C:\install.res.1042.dllSuccessfully deleted: [File] C:\install.res.2052.dllSuccessfully deleted: [File] C:\install.res.3082.dll~~~ FoldersSuccessfully deleted: [Folder] "C:\ProgramData\babylon"Successfully deleted: [Folder] "C:\ProgramData\tarma installer"Successfully deleted: [Folder] "C:\ProgramData\trymedia"Successfully deleted: [Folder] "C:\Users\Gosa\AppData\Roaming\babylon"~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Wed 05/15/2013 at 16:16:09.39End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ADWCLEANER# AdwCleaner v2.300 - Logfile created 05/15/2013 at 16:17:23# Updated 28/04/2013 by Xplode# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)# User : Gosa - GOSA-PC# Boot Mode : Normal# Running from : C:\Users\Gosa\Downloads\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] ********** [Registry] *****Key Found : HKCU\Software\DataMngrKey Found : HKCU\Software\DataMngr_ToolbarKey Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Found : HKLM\Software\DataMngrKey Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Found : HKLM\SOFTWARE\Tarma Installer***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16421[OK] Registry is clean.-\\ Mozilla Firefox v [unable to get version]File : C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\prefs.js[OK] File is clean.-\\ Google Chrome v [unable to get version]File : C:\Users\Gosa\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [1350 octets] - [15/05/2013 16:17:23]########## EOF - C:\AdwCleaner[R1].txt - [1410 octets] ##########DDS - NEWDDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer:Run by Gosa at 16:18:17 on 2013-05-15Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.6199 [GMT 2:00].AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\taskhost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\Dwm.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\SVP\SVPMgr.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\SysWOW64\DllHost.exeC:\Windows\system32\msiexec.exeC:\Windows\System32\svchost.exe -k swprvC:\Windows\explorer.exeC:\Windows\SysWOW64\notepad.exeC:\Program Files\Nightly\firefox.exeC:\Windows\system32\NOTEPAD.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dlluRun: [sVPMgr] "C:\Program Files (x86)\SVP\SVPMgr.exe"mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /smPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-Windows\System: UseOEMBackground = dword:1IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 89.216.1.40 89.216.1.50TCP: Interfaces\{0DB4CB06-0D3B-4E40-B9B6-15A5F8D6A372} : DHCPNameServer = 89.216.1.40 89.216.1.50Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllx64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\FF - prefs.js: network.proxy.type - 4FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dllFF - ExtSQL: 2013-05-14 20:27; support@lastpass.com; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\support@lastpass.comFF - ExtSQL: 2013-05-14 20:29; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpiFF - ExtSQL: 2013-05-14 20:37; mytube@ashishmishra.in; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\mytube@ashishmishra.in.xpiFF - ExtSQL: 2013-05-15 15:02; firegestures@xuldev.org; C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\extensions\firegestures@xuldev.org.xpi.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-16 769168]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-16 19456]S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-16 29696]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-16 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-16 30208]S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-16 1255736].=============== Created Last 30 ================.2013-05-15 14:14:15 -------- d-----w- C:\Windows\ERUNT2013-05-15 14:14:08 -------- d-----w- C:\JRT2013-05-15 13:23:46 -------- d-----w- C:\Program Files\Nightly2013-05-14 19:28:13 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56C9C6C3-405D-4EBF-AF0A-215E58348365}\offreg.dll2013-05-14 19:27:40 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56C9C6C3-405D-4EBF-AF0A-215E58348365}\mpengine.dll2013-05-14 18:26:23 -------- d-----w- C:\Users\Gosa\AppData\Local\Mozilla2013-05-14 13:56:21 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-05-13 17:04:20 -------- d-----w- C:\Users\Gosa\AppData\Roaming\SVP 3.12013-05-13 17:04:16 406016 ----a-w- C:\Windows\SysWow64\avisynth.dll2013-05-13 17:04:14 -------- d-----w- C:\Program Files (x86)\SVP2013-05-11 14:56:51 -------- d-----w- C:\Users\Gosa\AppData\Local\Facebook2013-05-11 08:27:24 -------- d-----w- C:\ProgramData\Voksi2013-05-05 22:26:58 -------- d-----w- C:\Users\Gosa\AppData\Local\AdFender2013-04-27 17:15:06 -------- d-----w- C:\Users\Gosa\AppData\Local\Apple Computer2013-04-27 17:14:30 -------- d-----w- C:\Users\Gosa\AppData\Local\Apple2013-04-26 18:41:16 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-04-26 18:41:16 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-04-26 18:39:45 -------- d-----w- C:\Users\Gosa\AppData\Local\Opera2013-04-25 15:49:26 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities2013-04-23 19:34:24 -------- d-----w- C:\Windows\SysWow64\searchplugins2013-04-23 19:34:24 -------- d-----w- C:\Windows\SysWow64\Extensions2013-04-23 19:33:28 -------- d-----w- C:\Program Files (x86)\FirstRowSportApp.com2013-04-23 18:46:15 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-04-23 18:46:15 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02CC83E1-5AC3-4B83-B077-4BF8B1281223}\gapaengine.dll2013-04-23 18:46:12 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-17 18:29:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-04-17 18:29:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-04-17 18:23:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client2013-04-17 18:23:13 -------- d-----w- C:\Program Files\Microsoft Security Client2013-04-17 18:09:26 -------- d-----w- C:\Users\Gosa\AppData\Local\Secunia PSI2013-04-17 18:09:18 -------- d-----w- C:\Program Files (x86)\Secunia2013-04-16 14:10:40 -------- d-----w- C:\Users\Gosa\AppData\Roaming\TuneUp Software2013-04-16 14:10:25 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 20132013-04-16 14:09:20 -------- d-----w- C:\ProgramData\TuneUp Software2013-04-16 14:09:02 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}2013-04-16 14:09:02 -------- d--h--w- C:\ProgramData\Common Files2013-04-16 13:35:08 -------- d-----w- C:\Windows\System32\drivers\NISx64\1403010.016.==================== Find3M ====================.2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-03-20 17:39:39 4608 ----a-w- C:\Windows\SysWow64\w95inf32.dll2013-03-20 17:39:39 2272 ----a-w- C:\Windows\SysWow64\w95inf16.dll2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe2013-03-03 13:19:19 0 ----a-w- C:\Windows\ativpsrm.bin2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb.============= FINISH: 16:18:23.97 ===============ATTACH - NEW.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 UltimateBoot Device: \Device\HarddiskVolume1Install Date: 3/3/2013 1:57:27 PMSystem Uptime: 5/15/2013 2:53:02 PM (2 hours ago).Motherboard: MSI | | H61M-P22 (MS-7680)Processor: Intel® Core i3-2100 CPU @ 3.10GHz | SOCKET 0 | 3100/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 466 GiB total, 194.727 GiB free.D: is CDROM ()F: is FIXED (NTFS) - 0 GiB total, 0.062 GiB free.G: is CDROM ().==== Disabled Device Manager Items =============.Class GUID:Description: SM Bus ControllerDevice ID: PCI\VEN_8086&DEV_1C22&SUBSYS_76801462&REV_05\3&11583659&0&FBManufacturer:Name: SM Bus ControllerPNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_76801462&REV_05\3&11583659&0&FBService:.==== System Restore Points ===================.RP74: 5/14/2013 3:56:01 PM - Windows UpdateRP76: 5/14/2013 8:42:45 PM - Removed Facebook Messenger 2.1.4814.0RP77: 5/15/2013 11:42:26 AM - Windows UpdateRP78: 5/15/2013 4:11:22 PM - Removed TuneUp Utilities 2013RP79: 5/15/2013 4:12:26 PM - Removed TuneUp Utilities Language Pack (en-US).==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe Flash Player 11 PluginAMD Accelerated Video TranscodingAMD APP SDK RuntimeAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD Media Foundation DecodersAviSynth 2.5Bejeweled 3Black Mirror 3Catalyst Control CenterCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishDaum PotPlayer 1.5.35491ffdshow v1.3.4500 [2013-01-06]Fieldrunners 2Foxit PhantomHaali Media SplitterMalwarebytes Anti-Malware version 1.75.0.1300Mars War Logs version 1.00Microsoft .NET Framework 4.5Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Nightly 24.0a1 (x64 en-US)Resident. Evil 6Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687499) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760416) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit EditionSkype™ 6.3SmoothVideo Project version 3.1.4Syberia 1 1.00Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)UplayVirtualCloneDrive.==== End Of File ===========================Cheers for the help so far! Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679825 Share Posted May 15, 2013 Please re-run AdwCleanerClick on Delete button.Confirm each time with OK.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.Finally, reboot your computer and check your browsers. Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679827 Share Posted May 15, 2013 Here is the log:ADWCLEANER - AFTER 'DELETE'# AdwCleaner v2.300 - Logfile created 05/15/2013 at 16:25:10# Updated 28/04/2013 by Xplode# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)# User : Gosa - GOSA-PC# Boot Mode : Normal# Running from : C:\Users\Gosa\Downloads\adwcleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] ********** [Registry] *****Key Deleted : HKCU\Software\DataMngrKey Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Tarma Installer***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16421[OK] Registry is clean.-\\ Mozilla Firefox v [unable to get version]File : C:\Users\Gosa\AppData\Roaming\Mozilla\Firefox\Profiles\dc5ftd9h.default\prefs.js[OK] File is clean.-\\ Google Chrome v [unable to get version]File : C:\Users\Gosa\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [1477 octets] - [15/05/2013 16:17:23]AdwCleaner[s1].txt - [1426 octets] - [15/05/2013 16:25:10]########## EOF - C:\AdwCleaner[s1].txt - [1486 octets] ##########Does this now mean that my troubles are gone? Like I've said, crashes happen very randomly so I don't know how to test it right now...Are there any more scans/clean ups necessary or now I just wait and see if everything is ok? Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679830 Share Posted May 15, 2013 Download on the desktop RogueKiller Quit all programs Start RogueKiller.exe Wait until Prescan has finished ... Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply. Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679833 Share Posted May 15, 2013 ROGUE KILLER X64RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Gosa [Admin rights]Mode : Scan -- Date : 05/15/2013 16:38:57| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 11 ¤¤¤[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST9500325AS ATA Device +++++--- User ---[MBR] f988364125a1bc68754870aa8ff2d237[bSP] 90b9e0751ebb62e5347f68e124609f35 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476837 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_05152013_02d1638.txt >>RKreport[1]_S_05152013_02d1638.txt Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679834 Share Posted May 15, 2013 Okay. Please monitor your browser and come back after a day, two or three to let me know. Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679838 Share Posted May 15, 2013 Cheers for the lightening fast help mate!!!I'll let you know if another crash apperas (hope it wont), but I'll let you know also if everything is working ok Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679839 Share Posted May 15, 2013 Okay, we'll be in touch. Link to post Share on other sites More sharing options...
opacupa Posted May 15, 2013 Author ID:679927 Share Posted May 15, 2013 Sorry to bother you mate, but another crash just happened... Same thing like before, randomly browsing, no particular site and all of the sudden firefox nightly crashed and asked me if I want to send an error report and restart the browser..Any suggestions for the next step in solving this problem? Link to post Share on other sites More sharing options...
Maniac Posted May 15, 2013 ID:679982 Share Posted May 15, 2013 Is that happening only with Mozilla Nightly? Link to post Share on other sites More sharing options...
opacupa Posted May 16, 2013 Author ID:680249 Share Posted May 16, 2013 That is the only browser I currently have installed. I've tried using several other browsers, but every time a browser crashed several times in a short period, I've downloaded a new one and deleted the old one... Don't like having unnecessary applications installed if I'm not using them. Mozilla is my last option, I think I've tried every single browser there is, so after running out of options I came here for help Link to post Share on other sites More sharing options...
opacupa Posted May 17, 2013 Author ID:680714 Share Posted May 17, 2013 Little update. Browser is still crashing, but I've ran Memtest86+ 4.2 for 10 cycles and there were no errors, so it can't be my RAM that is causing crashes Link to post Share on other sites More sharing options...
Maniac Posted May 17, 2013 ID:680750 Share Posted May 17, 2013 We cleaning some of toolbars remnants which could caused browser problems, so this supposed problem was fixed. About your current browser I think that is a wrong choice, because is experimental browser edition from Mozilla and could have bugs and incomplete functionality that could cause a several problems. The best choice to is the latest version of Mozilla FireFox or Chrome, Opera and so on to be sure that the browser is okay for daily use. Link to post Share on other sites More sharing options...
opacupa Posted May 17, 2013 Author ID:680814 Share Posted May 17, 2013 Ok, I will try regular firefox, I chose this one because it was 64bit, and fire fox is 32bit, but if it works better who cares I'll let you know if there are any more problems with normal firefox, or if the problem is finally solved..Cheers Link to post Share on other sites More sharing options...
Maniac Posted May 17, 2013 ID:680817 Share Posted May 17, 2013 Okay, keep me informed. Link to post Share on other sites More sharing options...
opacupa Posted May 17, 2013 Author ID:680910 Share Posted May 17, 2013 In one minute, standard Firefox brower crashed two times! Second time, it was idle for 15sec after restart and crashed...Any more suggestions? Link to post Share on other sites More sharing options...
Maniac Posted May 18, 2013 ID:681031 Share Posted May 18, 2013 Please scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.Save it to your Desktop.Double click on the to download the ESET Smart Installer. icon on your Desktop.[*]Check "YES, I accept the Terms of Use."[*]Click the Start button.[*]Accept any security warnings from your browser.[*]Under Scan Settings, check "Scan Archives" and "Remove found threats" [*]Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technology[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[*]When the scan completes, click List Threats[*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[*]Click the Back button.[*]Click the Finish button. Link to post Share on other sites More sharing options...
opacupa Posted May 18, 2013 Author ID:681169 Share Posted May 18, 2013 Hmmm strange result:C:\IGRE\Resident. Evil 6\steam_api.dll a variant of Win32/Packed.VMProtect.ABD trojan cleaned by deleting - quarantinedC:\Users\Gosa\Desktop\ll\µTorrent 3.3 Build 29420 Stable\uTorrent.exe a variant of Win32/Bunndle application cleaned by deleting - quarantinedIt said it found uTorrent but I've uninstalled it couple of days ago on your recommendation. And looks like RE6 was infected, I'll uninstall the game now!Looks like MSE isn't doing a good job, would you recommend AVAST or ESET as antivirus program? Link to post Share on other sites More sharing options...
opacupa Posted May 18, 2013 Author ID:681172 Share Posted May 18, 2013 Whoops, just realised ESET is not free, so I'll uninstall MSE and go with Avast Link to post Share on other sites More sharing options...
opacupa Posted May 18, 2013 Author ID:681199 Share Posted May 18, 2013 Hey mate, my PC has just started BSOD-ing like crazy, browser is still crashing, so I guess it is time for a clean install of Windows! I'm even considering updating to Win8, what is your experience with it, and would you recommend that? Link to post Share on other sites More sharing options...
Recommended Posts