linny40 Posted September 1, 2014 ID:873853 Share Posted September 1, 2014 hi guys read your post Im infected and run the FRST64 please see logs Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02Addition.txtFRST.txt Link to post Share on other sites More sharing options...
Naathim Posted September 1, 2014 ID:873864 Share Posted September 1, 2014 My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat Before we start please note the following:Analysis and research take some time, also sometimes real life gets in the way, please be patient.Limit your internet access to posting here, some infections just wait to steal typed-in passwords.Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.Paste the logs in your posts, attachments make my work harder and more complicated.Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.Note that we may live in totally different time zones, what may cause some delays between answers.I can't foresee everything, so if anything unexpected happens, please stop and inform me!There are no silly questions. Never be afraid to ask if in doubt!Let's start and enjoy the fight! Rules and policiesWe won't support any piracy. That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!Failure to follow these guidelines will result with closing your topic and withdrawning any assistance. Scan with Malwarebytes' Anti-MalwarePlease download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.First of all select update.Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.Click the Scan tab, choose Threat Scan is checked and click Scan Now.If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.At the bottom click Export and choose Text file.Save the file to your desktop and include its content in your next reply. Link to post Share on other sites More sharing options...
linny40 Posted September 2, 2014 Author ID:874106 Share Posted September 2, 2014 Tried to reinstall again this moring but to no avail. MBAM will not install : C:\Programe Files (x86)Malwarebytes Anti-Malware\chameleon\windows\mbam-chameleon.comAn error ocured while trying to read the soucre file: access deniedClick Retry to try again, Ignore to skip this file (not recommended), or Abort to cancell installation Link to post Share on other sites More sharing options...
Naathim Posted September 3, 2014 ID:874321 Share Posted September 3, 2014 Hi and sorry for the delay.Can you please describe the symptoms you are experiencing? Scan with GmerThis type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.Please download GMER by Gmer and save the file to your desktop.It will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.Temporary disable your AntiVirus and AntiSpyware protection - instructions here.If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.Right-click on randomly named icon and select Run as Administrator to start the tool.It is very important that you do not use your computer while Gmer is running!Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.If you receive a warning about rootkit activity and are asked to fully scan your system click NO!When the pre-scan is completed, please do the following:Please check in the Quick scan box.Please uncheck the IAT/EAT and Show All.Click Scan.If you see a rootkit warning window click OK.When the scan is finished, Save the results to your desktop as gmer.log.Please include the content of this file in your next reply.Don't forget to re-enable previously switched-off protection software! If you encounter any problems, try running GMER in Safe Mode. If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning. Link to post Share on other sites More sharing options...
linny40 Posted September 3, 2014 Author ID:874401 Share Posted September 3, 2014 Tried the above but GMER would not start, so tried in safe mode and same problem.sorry had to attach screenshot as it would not let me copy & pasteBasically a problem stopped it working. Link to post Share on other sites More sharing options...
Naathim Posted September 3, 2014 ID:874403 Share Posted September 3, 2014 Not a problem, but it's very small and I can't see anything there. Attach it once more, enlarge the resolution.Also be more descriptive about the symptoms you have. Scan with Malwarebytes' Anti-RootkitPlease download Malwarebytes' Anti-Rootkit and save the file to your desktop.Note that the tool is still in its BETA stage, therefore not all functionalities may be added.Right-click on icon and select Run as Administrator to start the tool.It will ask you for an extraction place - make sure you will unpack it to your desktop.After the extraction, the tool should start itself (no action required).On the Introduction screen click Next.On the Update screen click Update.When prompted about the succesful update, click Next.On the Scan System screen, make sure that all three optionsDriversSectorsSystemare checked for scanning and press Scan.Wait patiently and don't do anything on your machine while MBAR goes through your system!If no infection is found, just close the tool.If an infection is found, make sure that Create Restore Point is checked, then select Cleanup button to remove threats. The process will start and your machine will prompt you to reboot upon completion.When finished (either with or without cleanup), please navigate to the MBAR directory.Search there for these two files:> mbar-log-date(time).txt> system-log.txtPlease include the content of both files in your reply. Link to post Share on other sites More sharing options...
linny40 Posted September 3, 2014 Author ID:874457 Share Posted September 3, 2014 Malwarebytes Anti-Rootkit BETA 1.07.0.1012www.malwarebytes.orgDatabase version: v2014.09.03.03Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Gaming :: LINDASILVER-PC [administrator]03/09/2014 13:02:36mbar-log-2014-09-03 (13-02-36).txtScan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled:Objects scanned: 441798Time elapsed: 1 hour(s), 6 minute(s), 45 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)Physical Sectors Detected: 0(No malicious items detected)(end)---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1012© Malwarebytes Corporation 2011-2012OS version: 6.1.7601 Windows 7 Service Pack 1 x64Account is AdministrativeInternet Explorer version: 9.0.8112.16421File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXEDCPU speed: 3.000000 GHzMemory total: 4294164480, free: 1247993856Downloaded database version: v2014.09.03.03Downloaded database version: v2014.08.21.01=======================================Initializing...------------ Kernel report ------------ 09/03/2014 13:02:20------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_AuthenticAMD.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\pciide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\DRIVERS\nvstor64.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\system32\DRIVERS\MpFilter.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\drivers\EUBKMON.sys\SystemRoot\system32\drivers\eubakup.sys\SystemRoot\system32\DRIVERS\disk.sys\SystemRoot\system32\DRIVERS\CLASSPNP.SYS\SystemRoot\system32\DRIVERS\avgrkx64.sys\SystemRoot\system32\DRIVERS\avgidsha.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\avgmfx64.sys\SystemRoot\system32\DRIVERS\mwlPSDFilter.sys\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\DRIVERS\avgtdia.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\drivers\termdd.sys\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys\SystemRoot\system32\DRIVERS\mwlPSDNServ.sys\SystemRoot\system32\drivers\mssmbios.sys\??\C:\Windows\system32\drivers\EuFdDisk.sys\??\C:\Windows\system32\drivers\eudskacs.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\system32\DRIVERS\avgldx64.sys\SystemRoot\system32\DRIVERS\amdppm.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\nvsmu.sys\SystemRoot\system32\DRIVERS\usbohci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\drivers\HDAudBus.sys\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys\SystemRoot\system32\DRIVERS\nvmf6264.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\Drivers\nvBridge.kmd\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\drivers\wmiacpi.sys\SystemRoot\system32\drivers\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\drivers\serscan.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\drivers\ks.sys\SystemRoot\system32\drivers\swenum.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\drivers\nvhda64v.sys\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\system32\DRIVERS\kbdhid.sys\SystemRoot\system32\DRIVERS\usbprint.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_diskdump.sys\SystemRoot\System32\Drivers\dump_nvstor64.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\drivers\luafv.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\DRIVERS\avgidsfiltera.sys\SystemRoot\system32\drivers\npf.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\system32\DRIVERS\avgidsdrivera.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xfffffa8006dc9790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000090\Lower Device Object: 0xfffffa8006e1ab60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xfffffa8006d8a790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000008f\Lower Device Object: 0xfffffa8006d85620Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa8006d59790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000008d\Lower Device Object: 0xfffffa8005550720Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa80047ca060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000067\Lower Device Object: 0xfffffa8004558060Lower Device Driver Name: \Driver\nvstor64\<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa80047ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa80046519d0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa80047ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa800455ee40, DeviceName: Unknown, DriverName: \Driver\ACPI\DevicePointer: 0xfffffa8004558060, DeviceName: \Device\00000067\, DriverName: \Driver\nvstor64\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\adp94xx.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\adp94xx.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\adpahci.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\adpahci.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\adpu320.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\adpu320.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\aliide.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\aliide.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\amdide.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\amdide.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\amdsata.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\amdsata.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\amdsbs.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\amdsbs.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\amdxata.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\amdxata.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\arc.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\arc.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgidsdrivera.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgidsdrivera.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgidsfiltera.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgidsfiltera.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgidsha.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgidsha.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\cmdide.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\cmdide.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\compbatt.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\compbatt.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\crcdisk.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\crcdisk.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\elxstor.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\elxstor.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\eubakup.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\eubakup.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\EUBKMON.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\EUBKMON.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\eudskacs.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\eudskacs.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\EuFdDisk.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\EuFdDisk.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\GEARAspiWDM.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\GEARAspiWDM.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\hcw85cir.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\hcw85cir.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\hidir.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\hidir.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\HpSAMD.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\HpSAMD.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\iaStorV.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\iaStorV.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\iirsp.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\iirsp.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\intelide.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\intelide.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\IPMIDrv.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\IPMIDrv.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\lsi_fc.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\lsi_fc.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\lsi_sas.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\lsi_sas.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\lsi_sas2.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\lsi_sas2.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\lsi_scsi.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\lsi_scsi.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\mbamchameleon.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\mbamchameleon.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\MBAMSwissArmy.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\MBAMSwissArmy.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\arcsas.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\arcsas.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgldx64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgldx64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\evbda.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\evbda.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\GAGP30KX.SYS" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\GAGP30KX.SYS" is compressed (flags = 1)File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\megasas.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\megasas.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\UAGP35.SYS" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\UAGP35.SYS" is compressed (flags = 1)File "C:\Windows\System32\drivers\MegaSR.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\MegaSR.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\MpFilter.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\MpFilter.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\msahci.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\msahci.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\mwlPSDFilter.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\mwlPSDFilter.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\mwlPSDNserv.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\mwlPSDNserv.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\mwlPSDVDisk.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\mwlPSDVDisk.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\netaapl64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\netaapl64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nfrd960.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nfrd960.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\NisDrvWFP.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\NisDrvWFP.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\npf.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\npf.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvBridge.kmd" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvBridge.kmd" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvhda64v.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvhda64v.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvlddmkm.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvlddmkm.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvm62x64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvm62x64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvmf6264.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvmf6264.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvraid.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvraid.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvsmu.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvsmu.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvstor.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvstor.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\nvstor64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\nvstor64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\NV_AGP.SYS" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\NV_AGP.SYS" is compressed (flags = 1)File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\ql2300.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\ql2300.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\ql40xx.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\ql40xx.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\revoflt.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\revoflt.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\RTKVHD64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\RTKVHD64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\secdrv.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\secdrv.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\serscan.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\serscan.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\sisraid2.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\sisraid2.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\sisraid4.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\sisraid4.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\stexstor.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\stexstor.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\SWDUMon.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\SWDUMon.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\ULIAGPKX.SYS" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\ULIAGPKX.SYS" is compressed (flags = 1)File "C:\Windows\System32\drivers\usbaapl64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\usbaapl64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\viaide.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\viaide.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\vsmraid.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\vsmraid.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\wd.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\wd.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\WSDScan.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\WSDScan.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgmfx64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgmfx64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgrkx64.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgrkx64.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\avgtdia.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\avgtdia.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\b57nd60a.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\b57nd60a.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\blbdrive.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\blbdrive.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrFiltLo.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrFiltLo.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrFiltUp.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrFiltUp.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrSerId.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrSerId.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrSerWdm.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrSerWdm.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrUsbMdm.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrUsbMdm.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\BrUsbSer.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\BrUsbSer.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\bxvbda.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\bxvbda.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)File "C:\Windows\System32\drivers\fssfltr.sys" is compressed (flags = 1)File "C:\WINDOWS\SYSTEM32\drivers\fssfltr.sys" is compressed (flags = 1)Done!Drive 0This is a System driveScanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 12399243Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 28672000 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 28674048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 28878848 Numsec = 1517088232 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 1545967080 Numsec = 407556040Disk Size: 1000204886016 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa8006d59790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8006d54300, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8006d59790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8005550720, DeviceName: \Device\0000008d\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: 51B5BC6Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 1953520065 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 1000204886016 bytesSector size: 512 bytesDone!Physical Sector Size: 0Drive: 2, DevicePointer: 0xfffffa8006d8a790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8006d80b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8006d8a790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8006d85620, DeviceName: \Device\0000008f\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 3, DevicePointer: 0xfffffa8006dc9790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8006d99b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8006dc9790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8006e1ab60, DeviceName: \Device\00000090\, DriverName: \Driver\USBSTOR\------------ End ----------File "C:\ProgramData\AVG2012\Chjw\32844e7b844e4199.dat" is compressed (flags = 1)File "C:\ProgramData\AVG2012\Chjw\742cd3eb2cd3a680.dat" is compressed (flags = 1)File "C:\ProgramData\AVG2012\Chjw\742cd3eb2cd3a680.dat" is compressed (flags = 1)File "C:\ProgramData\AVG2012\Chjw\848a21348a1ff94.dat" is compressed (flags = 1)File "C:\ProgramData\AVG2012\Chjw\967cf34f7cf3291f.dat" is compressed (flags = 1)File "c:\programdata\avg2012\chjw\32844e7b844e4199.dat:0ff04c49-212e-4d33-81b4-3241263a1420" is compressed (flags = 32769)File "c:\programdata\avg2012\chjw\32844e7b844e4199.dat:0ff04c49-212e-4d33-81b4-3241263a1420" is sparse (flags = 32769)File "C:\ProgramData\AVG2012\log\avgchjw.log" is compressed (flags = 1)File "C:\ProgramData\AVG2012\log\avgrs.log" is compressed (flags = 1)File "C:\ProgramData\AVG2012\log\avgldr.log" is compressed (flags = 1)File "C:\ProgramData\MFAData\logs\mfa-20140903-113710.log" is compressed (flags = 1)File "C:\ProgramData\MFAData\logs\msi-20140903-113710.log" is compressed (flags = 1)File "C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\sc_res_2.db3" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Apple Computer\Logs\asl.121421_03Sep14.log" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\config.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\info.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\447973461023\data.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\447973461023\data.db-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\447973461023\viber.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\447973461023\viber.db-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\ViberPC\447973461023\viber.db-wal" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\etilqs_AFFXW2s9TIfetOT" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\etilqs_gkVkgcuOhg4qo5C" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\ImInstaller\ImApp.log" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\acro_rd_dir\fla4961.tmp" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\acro_rd_dir\fla71F7.tmp" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Temp\acro_rd_dir\fla71F7.tmp" is compressed (flags = 1)File "C:\Windows\Temp\TMP000000F7B401F979A973AD8E" is compressed (flags = 1)File "C:\Windows\Temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih(1).exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih(2).exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih(3).exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih(4).exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih(5).exe" is compressed (flags = 1)File "C:\Users\Gaming\Downloads\install_flashplayer14x32_mssd_aaa_aih.exe" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Apple Computer\Cache.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Box Sync\item_status.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Box Sync\monitor_state.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Box Sync\sync.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Box Sync\Logs\Box Sync-4.0.5237.log" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Box Sync\Logs\OverlayService-2014-09-03.log" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Viber\launcher.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" is compressed (flags = 1)File "C:\Windows\WindowsUpdate.log" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\permissions.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\places.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\places.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\places.sqlite-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\places.sqlite-wal" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\webappsstore.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\webappsstore.sqlite-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\webappsstore.sqlite-wal" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\formhistory.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\healthreport.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\healthreport.sqlite-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\key3.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\cert8.db" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\content-prefs.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\cookies.sqlite" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\cookies.sqlite-shm" is compressed (flags = 1)File "C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\pokzqlxq.default-1401991791145\cookies.sqlite-wal" is compressed (flags = 1)Scan finished=======================================Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-28674048-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...Removal finished Link to post Share on other sites More sharing options...
linny40 Posted September 3, 2014 Author ID:874458 Share Posted September 3, 2014 Sorry forgot to add re the GMER problem this is what the text box saidit went to start then came up with a box that said:b6xbtu8.exe has stopped working. a problem caused the programm to stop working correctly windowws will close the program & notify you if it has a solution - then said to close progrmae Link to post Share on other sites More sharing options...
Naathim Posted September 3, 2014 ID:874568 Share Posted September 3, 2014 OK, there's still the lack of description of your symptoms & issues.Ineed to know what exactly should I look for. So...? Link to post Share on other sites More sharing options...
linny40 Posted September 3, 2014 Author ID:874586 Share Posted September 3, 2014 Sorry had the runtime 383 error so couldnt run or update. Trued to use mb clean & reinstall then coyldnot open or run malearebytes. Sonyold to run the frst & post in here. Hope that helps you understand. Link to post Share on other sites More sharing options...
Naathim Posted September 3, 2014 ID:874590 Share Posted September 3, 2014 Scan with ComboFixThis is a very powerful tool that should be used only if advised by Malware Analyst.Do not run ComboFix on your own!Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.Temporary disable your AntiVirus and AntiSpyware protection - instructions here.If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.Right-click on icon and select Run as Administrator to start the tool.Accept the disclaimer and agree if prompted to install Recovery Console.Do not take any actions while ComboFix goes through your System - it may cause it to stall!This scan may take some time!When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).Include that log in your next reply. If you'll encounter any issues with internet connection after running ComboFix, please visit this link. If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine. Don't forget to re-enable your previously switched-off protection software! Link to post Share on other sites More sharing options...
linny40 Posted September 4, 2014 Author ID:874957 Share Posted September 4, 2014 to scared to do that. But managed to totally delete all MBAM files from pc and gone back to coping n older version of MBAM from my sons pc which installed without a problem and now running a scan. logo is the old Black & red one, but its working & i feel my pc is safer now than it was athe last few days.Thanks for your help & support Link to post Share on other sites More sharing options...
linny40 Posted September 4, 2014 Author ID:875031 Share Posted September 4, 2014 delete that!!installed older version and it worked perfect i have just updated it and got similar problem again this is what box read: an error has occured please report to our support team PROGRAMM_ERROR_UPDATING (0,0,SHRegGetPath) Link to post Share on other sites More sharing options...
Naathim Posted September 5, 2014 ID:875214 Share Posted September 5, 2014 I find it quite difficult to communicate with you. Are you going to follow my directions, or you want to check your machine on your own? If I ask for something, there is a high probability that I've got a reason for it. If you think that you know better, stop wasting my time - I will dedicate it to another people who are in a need for help. Link to post Share on other sites More sharing options...
linny40 Posted September 5, 2014 Author ID:875248 Share Posted September 5, 2014 I find it quite difficult to communicate with you. ???????? i do not understand why you find it difficult. I ask for help i give you all information you ask for.Are you going to follow my directions, or you want to check your machine on your own? If I ask for something, there is a high probability that I've got a reason for it.If you think that you know better, stop wasting my time - I will dedicate it to another people who are in a need for help. - i do not think i no better and not wasting your time.I suffer learning difficulties but ask for help and give info you want i tell you i get the run time 383 error and get told to run the FRST64 and post results, i give you answer but you still say i give you lack of problems but i tell you the GMER does not work give you the discription - which i do, but you say its not enough. i then follow what you say until last post where it sounds scary.I will try and do that today, but i did try to uninstall mBAW as the cleaner for MBAW did not delte it, so deleted every file and triedto start again. So not sure if its machine or MBAW problem as the old version works until i update.Sorry if you think i waste your time, but im asknig for help but dont know what im doing. but you do not seem happy to help Link to post Share on other sites More sharing options...
Naathim Posted September 5, 2014 ID:875259 Share Posted September 5, 2014 OK, let's try to talk for a while Maybe we can resolve our communicating issues that way. I am really willing to help you, and I'm dedicated to do it. I know that sometimes it may be hard to communicate using the media we have. Sorry - it's still the best way we know. First of all - I need to know what issues is your machine experiencing at this point.You said in your first post only this:hi guys read your post Im infected and run the FRST64 please see logsIt's not enough for me. What are the symptoms? What is happening?The logs are read in the context of what you are facing. I need you to be descriptive about your issues. I am aware of issues with installing Malwarebytes'. But I am not a Malwarebytes' support - my goal is to remove malicious software from your machine. So please let's stick to that. Do not try to install MBAM or any other software right now - just follow my instructions. Don't fix anything on your own. Our instructions may interfere and render your machine unstable. So please, stay with me. After I will give you a clean bill of health, you will be referred to the MBAM tech section, where you will receive help with MBAM. Link to post Share on other sites More sharing options...
linny40 Posted September 5, 2014 Author ID:875303 Share Posted September 5, 2014 ok so seems my 1st post had been moved or deleted, which is why the above makes no sense. So my problem is now as i already install MBAW again is that now it wont update i get the error message i quoted above PROGRAMM_ERROR_UPDATING (0,0,SHRegGetPath) - it says please report to support team. but the programm still works without updating. any other problem i must have sorted as after doing the scan and doing my MSE & SUPERAntispyware scans nothing shows up except PUPS -( not sure what they are but they not dangerous but they do get deleted) so does this now mean i am in the wrong section for help?? thank you Link to post Share on other sites More sharing options...
Naathim Posted September 5, 2014 ID:875514 Share Posted September 5, 2014 Hi You are inthe section for Malware Removal. I don't provide support for MBAM - I am malware removal analyst. Let's make a deal - I will finish cleaningof your machine, and later you will go and seek for help with your MBAM problems. Does it work for you? Link to post Share on other sites More sharing options...
linny40 Posted September 5, 2014 Author ID:875553 Share Posted September 5, 2014 Yes thanks. I didnt put post here as said it was moved split from where i put it if you look at my 1st post so a mod or sum1 must have moved it here. So do i need to start a new post in the support forum. Sorry if i confused you but i didnt no my 1st post had been deleted or moved so i didnt see why u said i was not ecplaining my problems Sonif thats my only problem then maybe i dont actually have a virus/problem. So please let ne no what i need to do next. My pc is slow but think its coz its full & can no longer back up as even the 1tb external hard drive is full Link to post Share on other sites More sharing options...
Naathim Posted September 6, 2014 ID:875675 Share Posted September 6, 2014 I'm sorry, but I am afraid that I have really some problems with understanding you. English is not my primary one, please don't use any slang or idioms. I can only try to figure out what you have posted, nothing more. And when it comes to malware, I'd better no try to make guesses, as it may render your machine unstable.. I have asked you to run ComboFix. Please do that and post its report. Link to post Share on other sites More sharing options...
linny40 Posted September 6, 2014 Author ID:875691 Share Posted September 6, 2014 Confused?? I have not used any slang words - not sure what you mean by idioms. Sorry if my spelling is incorect. Cant help my dyslexia. You seem to be picking on me saying u cant understand what im saying or im not explaining my problems. I have done that to the best of my knowlege i aint perfect & dont have to justify my disabilites to you Link to post Share on other sites More sharing options...
Naathim Posted September 6, 2014 ID:875730 Share Posted September 6, 2014 I have asked you to run ComboFix. Please do that and post its report. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 8, 2014 Root Admin ID:876349 Share Posted September 8, 2014 I will go ahead and take over the topic from here and try to assist you linny40 First. Please shut the computer off and leave it off for a couple of minutes. Then turn it back on.Then follow the directions below as best you can. If you have questions or need further assistance please let me know. Once ready to run combofix you'll need to temporarily disable your antivirus as it says. Please visit this webpage and read the ComboFix User's Guide:Once you've read the article and are ready to use the program you can download it directly from the link below. Important! - Please make sure you save combofix to your desktop and do not run it from your browser Direct download link for: ComboFix.exe Please make sure you disable your security applications before running ComboFix. Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load. Please attach that log file to your next reply. If needed the file can be located here: C:\combofix.txt NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer. Link to post Share on other sites More sharing options...
linny40 Posted September 9, 2014 Author ID:876975 Share Posted September 9, 2014 Hi i an running combofix. It rebooted my system and now has a blue box saying peroaring log & not to run any prormas until finish. It has been like that for 2 hrs. How long should it take? Link to post Share on other sites More sharing options...
linny40 Posted September 9, 2014 Author ID:877007 Share Posted September 9, 2014 ComboFix.txt Finally finished! seemed to take 3-4 hours:( Link to post Share on other sites More sharing options...
Recommended Posts