My USB files all became shortcuts


  • This topic is locked
7 replies to this topic

#1 Javaman21

  • Members
  • 40 posts

Posted 25 November 2013 - 06:00 AM

Hi, I just opened my USB and saw that all the files are shortcuts. I badly need to get my files. What should I do? I used my parents' computer before this, so I'm guessing their PC is infected too.

 

Thanks.





#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 25 November 2013 - 06:17 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.



#3 Javaman21

  • Topic Starter

  • Members
  • 40 posts

Posted 27 November 2013 - 03:50 AM

Thank you for your reply. I'm just having trouble with my internet connection and am still not able to download the installers you mentioned. I will post as soon as I am able to follow the instructions. Thank you!



#4 Javaman21

  • Topic Starter

  • Members
  • 40 posts

Posted 28 November 2013 - 08:59 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by emhz (administrator) on EHMZ on 29-11-2013 10:00:13
Running from C:\Users\emhz\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Photobook US) C:\Program Files\Photobook Designer\Photobook Designer.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{65D54F45-56A8-4866-9273-D2AC4782CC05}\GoogleToolbarInstaller_updater_signed.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1537320 2009-06-25] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [USBToolTip] - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Facebook Update] - C:\Users\emhz\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-22] (Facebook Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-01] (Google Inc.)
HKCU\...\Run: [ztorsftdgh] - C:\Users\emhz\AppData\Local\Temp\ztorsftdgh.vbs [19744 2013-08-10] () <===== ATTENTION
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-11-26] ()
MountPoints2: {2d05d0ff-e5ea-11e2-a39e-002269efbdcd} - F:\AutoRun.exe
Startup: C:\Users\emhz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ztorsftdgh.vbs ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5DBE0592CC76CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0&ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\emhz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (YouTube) - C:\Users\emhz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (AdBlock) - C:\Users\emhz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Google Wallet) - C:\Users\emhz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\emhz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
 
========================== Services (Whitelisted) =================
 
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
 
==================== Drivers (Whitelisted) ====================
 
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1168880 2009-07-13] (Bison Electronics. Inc. )
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-02-21] (Anchorfree Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-29 10:00 - 2013-11-29 10:01 - 00009209 _____ C:\Users\emhz\Downloads\FRST.txt
2013-11-29 10:00 - 2013-11-29 10:00 - 00000000 ____D C:\FRST
2013-11-29 09:58 - 2013-11-29 09:59 - 01092049 _____ (Farbar) C:\Users\emhz\Downloads\FRST.exe
2013-11-29 09:57 - 2013-11-29 09:58 - 01959024 _____ (Farbar) C:\Users\emhz\Downloads\FRST64.exe
2013-11-26 22:18 - 2013-11-26 22:18 - 00002204 _____ C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
2013-11-26 22:17 - 2013-11-26 22:17 - 00000000 ____D C:\Program Files\Common Files\Pegasus Imaging
2013-11-26 20:26 - 2013-11-26 20:26 - 00149936 _____ C:\Windows\Minidump\112613-27487-01.dmp
2013-11-26 20:07 - 2013-11-26 20:07 - 00149960 _____ C:\Windows\Minidump\112613-67782-01.dmp
2013-11-26 20:04 - 2013-11-26 20:04 - 00000210 _____ C:\Users\emhz\AppData\Roaming\EHMZ.MTBF.txt
2013-11-26 20:04 - 2013-11-26 20:04 - 00000000 ____D C:\Users\emhz\AppData\Local\Avid
2013-11-26 20:03 - 2013-11-26 20:03 - 00000000 ____D C:\Program Files\Common Files\Pinnacle
2013-11-26 19:51 - 2013-11-26 19:52 - 00000000 ____D C:\ProgramData\Avid
2013-11-26 19:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-26 19:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-26 19:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-26 19:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-26 19:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-26 19:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-26 19:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-26 19:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-26 19:51 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-26 19:51 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-26 19:51 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-26 19:51 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-26 19:51 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-26 19:51 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-26 19:51 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-26 19:51 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-26 19:51 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-26 19:51 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-26 19:51 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-26 19:51 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-26 19:51 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-26 19:51 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-26 19:51 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-26 19:51 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-26 19:51 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-26 19:51 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-26 19:51 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-26 19:51 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-26 19:51 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-26 19:51 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-26 19:51 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-26 19:51 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-26 19:51 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-26 19:51 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-26 19:51 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-26 19:51 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-26 19:51 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-26 19:51 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-26 19:51 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-26 19:51 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-11-26 19:51 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-11-26 19:51 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-11-26 19:51 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-11-26 19:51 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-11-26 19:51 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-11-26 19:51 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-11-26 19:51 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-11-26 19:51 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-11-26 19:51 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-11-26 19:51 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-11-26 19:51 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-11-26 19:51 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-11-26 19:51 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-11-26 19:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-11-26 19:51 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-11-26 19:51 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-11-26 19:51 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-11-26 19:51 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-11-26 19:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-11-26 19:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-11-26 19:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-11-26 19:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-11-26 19:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-11-26 19:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-11-26 19:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-11-26 19:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-11-26 19:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-11-26 19:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-11-26 19:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-11-26 19:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-11-26 19:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-11-26 19:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-11-26 19:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-11-26 19:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-11-26 19:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-11-26 19:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-11-26 19:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-11-26 19:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-11-26 19:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-11-26 19:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-11-26 19:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-11-26 19:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-11-26 19:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-11-26 19:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-11-26 19:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-11-26 19:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-11-26 19:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-11-26 19:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-11-26 19:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-11-26 19:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-11-26 19:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-11-26 19:43 - 2013-11-26 19:43 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-11-26 19:41 - 2013-11-26 19:41 - 00154200 _____ C:\Windows\Minidump\112613-72821-01.dmp
2013-11-26 19:35 - 2013-11-26 19:35 - 00038706 _____ C:\Users\emhz\Downloads\ufonts.com_helveticaneue_thin_1_.ttf
2013-11-26 19:33 - 2013-11-29 10:01 - 00000000 ____D C:\Users\emhz\AppData\Local\PMB Files
2013-11-26 19:33 - 2013-11-26 21:58 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-26 19:33 - 2013-11-26 19:33 - 00000000 ____D C:\Program Files\Pando Networks
2013-11-26 19:27 - 2013-11-26 22:10 - 00000000 ____D C:\Users\emhz\AppData\Local\Pinnacle
2013-11-26 19:11 - 2013-11-26 19:11 - 00001995 _____ C:\Users\Public\Desktop\Photobook Designer.lnk
2013-11-26 19:11 - 2013-11-26 19:11 - 00000000 ____D C:\Program Files\Photobook Designer
2013-11-26 19:09 - 2013-11-26 19:25 - 00000000 ____D C:\Users\emhz\Desktop\Pinnacle Studio 16 Ultimate 16.0.0.75 Final Ml_Rus
2013-11-24 20:23 - 2013-11-24 20:23 - 00154176 _____ C:\Windows\Minidump\112413-15990-01.dmp
2013-11-24 20:07 - 2013-11-24 20:07 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-24 19:56 - 2013-11-24 21:43 - 00000000 ____D C:\Users\emhz\Desktop\Render
2013-11-24 17:37 - 2013-11-24 17:38 - 00150000 _____ C:\Windows\Minidump\112413-37689-01.dmp
2013-11-24 17:32 - 2013-11-24 17:32 - 00154184 _____ C:\Windows\Minidump\112413-27081-01.dmp
2013-11-24 16:45 - 2013-11-24 21:42 - 00000132 _____ C:\Users\emhz\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-11-24 16:33 - 2013-11-24 16:56 - 00004608 _____ C:\Users\emhz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-24 16:17 - 2013-11-24 16:17 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-11-24 16:05 - 2013-11-24 16:05 - 00154208 _____ C:\Windows\Minidump\112413-24960-01.dmp
2013-11-24 16:01 - 2013-11-24 16:28 - 00000000 ____D C:\Users\emhz\Desktop\Adobe Photoshop CS5.1 Extended Edition
2013-11-24 14:29 - 2013-11-24 14:29 - 00000000 ____D C:\Users\emhz\Documents\Pinnacle VideoSpin
2013-11-24 14:24 - 2013-11-26 22:16 - 00000000 ____D C:\Program Files\Pinnacle
2013-11-24 14:24 - 2013-11-24 14:29 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2013-11-24 14:24 - 2013-11-24 14:29 - 00000000 ____D C:\ProgramData\Pinnacle VideoSpin
2013-11-24 14:24 - 2013-11-24 14:24 - 00001077 _____ C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
2013-11-24 14:24 - 2013-11-24 14:24 - 00000000 ____D C:\Program Files\Common Files\Yahoo!
2013-11-24 14:22 - 2013-11-26 22:23 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-11-24 14:22 - 2013-11-26 22:16 - 00000000 ____D C:\ProgramData\Pinnacle
2013-11-24 14:16 - 2013-11-26 20:03 - 00000000 ____D C:\Users\emhz\AppData\Local\Downloaded Installations
2013-11-24 14:14 - 2013-11-24 14:14 - 00000000 ____D C:\Users\emhz\Desktop\Pinnacle Videospin 2.0.0.669 Full
2013-11-24 14:13 - 2013-11-24 21:42 - 00000000 ____D C:\Users\emhz\Desktop\Pepsi
 
==================== One Month Modified Files and Folders =======
 
2013-11-29 10:01 - 2013-11-29 10:00 - 00009209 _____ C:\Users\emhz\Downloads\FRST.txt
2013-11-29 10:01 - 2013-11-26 19:33 - 00000000 ____D C:\Users\emhz\AppData\Local\PMB Files
2013-11-29 10:00 - 2013-11-29 10:00 - 00000000 ____D C:\FRST
2013-11-29 09:59 - 2013-11-29 09:58 - 01092049 _____ (Farbar) C:\Users\emhz\Downloads\FRST.exe
2013-11-29 09:58 - 2013-11-29 09:57 - 01959024 _____ (Farbar) C:\Users\emhz\Downloads\FRST64.exe
2013-11-29 09:58 - 2013-07-01 20:57 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-29 09:57 - 2013-05-25 10:42 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-29 09:55 - 2013-05-25 10:33 - 01225247 _____ C:\Windows\WindowsUpdate.log
2013-11-29 09:50 - 2013-07-01 20:56 - 00000878 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-29 09:50 - 2009-07-13 20:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-29 09:50 - 2009-07-13 20:39 - 00031441 _____ C:\Windows\setupact.log
2013-11-27 19:45 - 2013-07-01 20:56 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 19:45 - 2013-06-22 20:04 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000UA.job
2013-11-27 19:45 - 2013-06-22 18:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-27 18:02 - 2013-09-04 14:36 - 00003072 _____ C:\Users\emhz\AppData\Roaming\Photobook Designer Prefsv3
2013-11-27 17:55 - 2009-07-13 20:34 - 00016384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-27 17:55 - 2009-07-13 20:34 - 00016384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-27 16:42 - 2013-06-22 19:47 - 00000000 ____D C:\Users\emhz\AppData\Roaming\Skype
2013-11-26 22:23 - 2013-11-24 14:22 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-11-26 22:18 - 2013-11-26 22:18 - 00002204 _____ C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
2013-11-26 22:17 - 2013-11-26 22:17 - 00000000 ____D C:\Program Files\Common Files\Pegasus Imaging
2013-11-26 22:16 - 2013-11-24 14:24 - 00000000 ____D C:\Program Files\Pinnacle
2013-11-26 22:16 - 2013-11-24 14:22 - 00000000 ____D C:\ProgramData\Pinnacle
2013-11-26 22:10 - 2013-11-26 19:27 - 00000000 ____D C:\Users\emhz\AppData\Local\Pinnacle
2013-11-26 21:58 - 2013-11-26 19:33 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-26 21:22 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-26 21:09 - 2013-06-22 20:04 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000Core.job
2013-11-26 20:48 - 2013-09-04 12:35 - 00000000 ____D C:\Users\emhz\Documents\Photobook Designer Projects
2013-11-26 20:26 - 2013-11-26 20:26 - 00149936 _____ C:\Windows\Minidump\112613-27487-01.dmp
2013-11-26 20:26 - 2013-09-01 01:26 - 00000000 ____D C:\Windows\Minidump
2013-11-26 20:26 - 2013-09-01 01:25 - 226692736 _____ C:\Windows\MEMORY.DMP
2013-11-26 20:08 - 2013-06-17 17:01 - 00138184 _____ C:\Users\emhz\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-26 20:07 - 2013-11-26 20:07 - 00149960 _____ C:\Windows\Minidump\112613-67782-01.dmp
2013-11-26 20:07 - 2009-07-13 20:33 - 03830256 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-26 20:04 - 2013-11-26 20:04 - 00000210 _____ C:\Users\emhz\AppData\Roaming\EHMZ.MTBF.txt
2013-11-26 20:04 - 2013-11-26 20:04 - 00000000 ____D C:\Users\emhz\AppData\Local\Avid
2013-11-26 20:03 - 2013-11-26 20:03 - 00000000 ____D C:\Program Files\Common Files\Pinnacle
2013-11-26 20:03 - 2013-11-24 14:16 - 00000000 ____D C:\Users\emhz\AppData\Local\Downloaded Installations
2013-11-26 19:54 - 2013-05-25 10:48 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-11-26 19:52 - 2013-11-26 19:51 - 00000000 ____D C:\ProgramData\Avid
2013-11-26 19:46 - 2013-06-22 19:47 - 00000000 ___RD C:\Program Files\Skype
2013-11-26 19:43 - 2013-11-26 19:43 - 00000000 ____D C:\ProgramData\PCTV Systems
2013-11-26 19:41 - 2013-11-26 19:41 - 00154200 _____ C:\Windows\Minidump\112613-72821-01.dmp
2013-11-26 19:35 - 2013-11-26 19:35 - 00038706 _____ C:\Users\emhz\Downloads\ufonts.com_helveticaneue_thin_1_.ttf
2013-11-26 19:33 - 2013-11-26 19:33 - 00000000 ____D C:\Program Files\Pando Networks
2013-11-26 19:25 - 2013-11-26 19:09 - 00000000 ____D C:\Users\emhz\Desktop\Pinnacle Studio 16 Ultimate 16.0.0.75 Final Ml_Rus
2013-11-26 19:11 - 2013-11-26 19:11 - 00001995 _____ C:\Users\Public\Desktop\Photobook Designer.lnk
2013-11-26 19:11 - 2013-11-26 19:11 - 00000000 ____D C:\Program Files\Photobook Designer
2013-11-26 19:11 - 2013-09-04 14:33 - 00000000 ____D C:\Users\emhz\AppData\Roaming\Photobook Designer
2013-11-26 16:51 - 2013-07-01 20:54 - 00000000 ____D C:\ProgramData\Adobe
2013-11-24 21:43 - 2013-11-24 19:56 - 00000000 ____D C:\Users\emhz\Desktop\Render
2013-11-24 21:43 - 2013-07-01 20:36 - 00000000 ____D C:\Users\emhz\AppData\Local\Adobe
2013-11-24 21:42 - 2013-11-24 16:45 - 00000132 _____ C:\Users\emhz\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-11-24 21:42 - 2013-11-24 14:13 - 00000000 ____D C:\Users\emhz\Desktop\Pepsi
2013-11-24 20:23 - 2013-11-24 20:23 - 00154176 _____ C:\Windows\Minidump\112413-15990-01.dmp
2013-11-24 20:13 - 2013-07-04 20:16 - 00000000 ____D C:\Users\emhz\AppData\Roaming\vlc
2013-11-24 20:07 - 2013-11-24 20:07 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-24 17:40 - 2013-06-22 18:54 - 00000000 ____D C:\Users\emhz\AppData\Roaming\Adobe
2013-11-24 17:38 - 2013-11-24 17:37 - 00150000 _____ C:\Windows\Minidump\112413-37689-01.dmp
2013-11-24 17:32 - 2013-11-24 17:32 - 00154184 _____ C:\Windows\Minidump\112413-27081-01.dmp
2013-11-24 16:56 - 2013-11-24 16:33 - 00004608 _____ C:\Users\emhz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-24 16:28 - 2013-11-24 16:01 - 00000000 ____D C:\Users\emhz\Desktop\Adobe Photoshop CS5.1 Extended Edition
2013-11-24 16:17 - 2013-11-24 16:17 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-24 16:16 - 2013-07-01 20:55 - 00000000 ____D C:\Program Files\Adobe
2013-11-24 16:15 - 2013-07-01 20:55 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-24 16:12 - 2013-11-24 16:12 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-11-24 16:05 - 2013-11-24 16:05 - 00154208 _____ C:\Windows\Minidump\112413-24960-01.dmp
2013-11-24 14:29 - 2013-11-24 14:29 - 00000000 ____D C:\Users\emhz\Documents\Pinnacle VideoSpin
2013-11-24 14:29 - 2013-11-24 14:24 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2013-11-24 14:29 - 2013-11-24 14:24 - 00000000 ____D C:\ProgramData\Pinnacle VideoSpin
2013-11-24 14:24 - 2013-11-24 14:24 - 00001077 _____ C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
2013-11-24 14:24 - 2013-11-24 14:24 - 00000000 ____D C:\Program Files\Common Files\Yahoo!
2013-11-24 14:14 - 2013-11-24 14:14 - 00000000 ____D C:\Users\emhz\Desktop\Pinnacle Videospin 2.0.0.669 Full
2013-10-30 21:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
2013-10-30 20:30 - 2013-07-13 21:42 - 00000000 ____D C:\Users\emhz\Desktop\backup
2013-10-30 19:08 - 2013-06-22 18:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-30 19:08 - 2013-06-22 18:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
 
Files to move or delete:
====================
C:\Users\emhz\AppData\Local\Temp\ztorsftdgh.vbs
 
 
Some content of TEMP:
====================
C:\Users\emhz\AppData\Local\Temp\HSS-2.88-install-plain-456-silent.exe
C:\Users\emhz\AppData\Local\Temp\hssinst.dll
C:\Users\emhz\AppData\Local\Temp\SkypeSetup.exe
C:\Users\emhz\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\emhz\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\emhz\AppData\Local\Temp\{0165E313-39C1-45F8-A3D4-402B8754994E}-31.0.1650.57_chrome_installer.exe
C:\Users\emhz\AppData\Local\Temp\{184C738C-61B4-4623-BB52-5F451A5443B6}-31.0.1650.57_chrome_installer.exe
C:\Users\emhz\AppData\Local\Temp\{D2D08341-E4EA-47CB-A8C1-196AD9F894B4}-31.0.1650.57_chrome_installer.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-10-30 23:12
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-11-2013
Ran by emhz at 2013-11-29 10:01:49
Running from C:\Users\emhz\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.1.29812)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (Version: 31.0.1650.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
Hollywood FX Volumes 1-3 (Version: 2.0.0)
iTunes (Version: 11.1.0.126)
Lenovo EasyCamera (Version: 6.32.3419.03)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Pando Media Booster (Version: 2.6.0.8)
PDF Settings CS5 (Version: 10.0)
Photobook Designer (HKCU Version: Photobook Designer 3.3.0)
Pinnacle Studio 16 - Install Manager (Version: 16.0.75)
Pinnacle Studio 16 (Version: 16.0.0.75)
Pinnacle Video Driver (Version: 12.1.0.030)
Pinnacle VideoSpin (Version: 2.0.0.669)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.5 (Version: 6.5.158)
Synaptics Pointing Device Driver (Version: 13.2.3.0)
Title Extreme (Version: 2.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
VLC media player 2.1.1 (Version: 2.1.1)
WinRAR archiver
 
==================== Restore Points  =========================
 
21-09-2013 10:00:21 Windows Update
31-10-2013 05:20:34 Scheduled Checkpoint
24-11-2013 22:23:25 Installed Pinnacle VideoSpin.
25-11-2013 05:55:41 Windows Update
27-11-2013 03:51:17 Installed DirectX
27-11-2013 03:58:44 Installed Pinnacle Studio 16.
27-11-2013 04:03:27 Installed Pinnacle Video Driver.
27-11-2013 06:11:36 Removed Pinnacle Studio 16.
27-11-2013 06:15:52 Installed Pinnacle Studio 16.
27-11-2013 07:16:39 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 18:04 - 2009-06-10 13:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {204EE01E-0076-4A2A-AD63-601C939F25A1} - System32\Tasks\AdobeAAMUpdater-1.0-EHMZ-emhz => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {2481BBE1-B9CC-4E58-89DD-3A49722AE343} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000UA => C:\Users\emhz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-22] (Facebook Inc.)
Task: {25810F02-CB42-4B6F-B3EC-B0E4278423A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-01] (Google Inc.)
Task: {6788D0D9-87DC-4440-859E-93B1712DC358} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000Core => C:\Users\emhz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-22] (Facebook Inc.)
Task: {85AAD247-972D-426F-AF4D-A8DB06B0841C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E0031EB9-E3AF-4A63-8AD0-A5D5C1F454FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-30] (Adobe Systems Incorporated)
Task: {F1AB470C-D945-40A2-9927-80AC38EFEED9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000Core.job => C:\Users\emhz\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317097852-2253380661-1924795539-1000UA.job => C:\Users\emhz\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-03 15:02 - 2013-08-24 09:49 - 00709584 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
2013-09-03 15:02 - 2013-08-24 09:49 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.62\libegl.dll
2013-09-03 15:02 - 2013-08-24 09:49 - 04053456 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
2013-09-03 15:02 - 2013-08-24 09:49 - 00410576 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
2013-09-03 15:02 - 2013-08-24 09:48 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/27/2013 04:41:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47986
 
Error: (11/27/2013 04:41:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47986
 
Error: (11/27/2013 04:41:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/26/2013 10:24:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: NGStudio.exe, version: 2.0.0.0, time stamp: 0x4ff0aad7
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x13f4
Faulting application start time: 0xNGStudio.exe0
Faulting application path: NGStudio.exe1
Faulting module path: NGStudio.exe2
Report Id: NGStudio.exe3
 
Error: (11/26/2013 10:24:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: BGRnd.EXE, version: 16.0.0.75, time stamp: 0x4ff0a800
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0xba4
Faulting application start time: 0xBGRnd.EXE0
Faulting application path: BGRnd.EXE1
Faulting module path: BGRnd.EXE2
Report Id: BGRnd.EXE3
 
Error: (11/26/2013 10:20:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: NGStudio.exe, version: 2.0.0.0, time stamp: 0x4ff0aad7
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0xfb8
Faulting application start time: 0xNGStudio.exe0
Faulting application path: NGStudio.exe1
Faulting module path: NGStudio.exe2
Report Id: NGStudio.exe3
 
Error: (11/26/2013 10:20:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: BGRnd.EXE, version: 16.0.0.75, time stamp: 0x4ff0a800
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x1370
Faulting application start time: 0xBGRnd.EXE0
Faulting application path: BGRnd.EXE1
Faulting module path: BGRnd.EXE2
Report Id: BGRnd.EXE3
 
Error: (11/26/2013 10:03:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: NGStudio.exe, version: 2.0.0.0, time stamp: 0x4ff0aad7
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x14b0
Faulting application start time: 0xNGStudio.exe0
Faulting application path: NGStudio.exe1
Faulting module path: NGStudio.exe2
Report Id: NGStudio.exe3
 
Error: (11/26/2013 10:03:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: BGRnd.EXE, version: 16.0.0.75, time stamp: 0x4ff0a800
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x113c
Faulting application start time: 0xBGRnd.EXE0
Faulting application path: BGRnd.EXE1
Faulting module path: BGRnd.EXE2
Report Id: BGRnd.EXE3
 
Error: (11/26/2013 08:11:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: NGStudio.exe, version: 2.0.0.0, time stamp: 0x4ff0aad7
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x584
Faulting application start time: 0xNGStudio.exe0
Faulting application path: NGStudio.exe1
Faulting module path: NGStudio.exe2
Report Id: NGStudio.exe3
 
 
System errors:
=============
Error: (11/29/2013 09:51:15 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error: 
%%-2147017840
 
Error: (11/29/2013 09:51:14 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
 
Feature: %%886
 
Error Code: 0x80004004
 
Error description: Operation aborted 
 
Reason: %%892
 
Error: (11/29/2013 09:50:45 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.
 
Expiration Reason: %%873
 
Expiration Date (UTC): ‎8/‎15/‎2013 3:16:24 AM
 
Error Code: 0x80071b90
 
Error Description: The system license has expired. Your logon request is denied.
 
Error: (11/29/2013 09:50:38 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:45:29 PM on ‎11/‎27/‎2013 was unexpected.
 
Error: (11/27/2013 03:55:54 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error: 
%%-2147017840
 
Error: (11/27/2013 03:55:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
 
Feature: %%886
 
Error Code: 0x80004004
 
Error description: Operation aborted 
 
Reason: %%892
 
Error: (11/27/2013 03:55:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.
 
Expiration Reason: %%873
 
Expiration Date (UTC): ‎8/‎15/‎2013 3:16:24 AM
 
Error Code: 0x80071b90
 
Error Description: The system license has expired. Your logon request is denied.
 
Error: (11/27/2013 03:55:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:16:24 PM on ‎11/‎26/‎2013 was unexpected.
 
Error: (11/26/2013 11:15:58 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (11/26/2013 08:27:10 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error: 
%%-2147017840
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 58%
Total physical RAM: 1978.96 MB
Available physical RAM: 823.01 MB
Total Pagefile: 3957.93 MB
Available Pagefile: 2377.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.7 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:101.6 GB) (Free:42.34 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:151.38 GB) (Free:146.59 GB) NTFS
Drive f: (ANDREA) (Fixed) (Total:465.3 GB) (Free:47.06 GB) FAT32
Drive g: (TOSHIBA EXT) (Fixed) (Total:372.6 GB) (Free:329.71 GB) exFAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=102 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 21F72C92)
 
Partition: GPT Partition TypePartition 2: (Not Active) - (Size=465 GB) - (Type=0B)
 
========================================================
Disk: 2 (Size: 373 GB) (Disk ID: 89FAB3C5)
Partition 1: (Not Active) - (Size=373 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 TB-Psychotic


Posted 29 November 2013 - 02:43 AM

What about TDSS-Killer?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 Javaman21


Posted 02 December 2013 - 09:22 AM

TDSS-Killer did not find anything



#7 TB-Psychotic


Posted 02 December 2013 - 09:54 AM

Fix with FRST (normal mode)

  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
  • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

    HKCU\...\Run: [ztorsftdgh] - C:\Users\emhz\AppData\Local\Temp\ztorsftdgh.vbs [19744 2013-08-10] () <===== ATTENTION
    MountPoints2: {2d05d0ff-e5ea-11e2-a39e-002269efbdcd} - F:\AutoRun.exe
    Startup: C:\Users\emhz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ztorsftdgh.vbs ()
    
    C:\Users\emhz\AppData\Local\Temp\ztorsftdgh.vbs
    C:\Users\emhz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ztorsftdgh.vbs
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.


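The two ztorsftdgh.vbs entries in the fixlist above share one pattern: an autostart location (a Run value or the Startup folder) that launches a script file from a user-writable directory, under the same file name in both places. The Python below is an added example, not part of the original thread and not FRST's own logic, that applies this heuristic to FRST-style lines; the first two sample lines are quoted from the fixlist, the third is constructed, and the function names, extension list and directory markers are assumptions.

```python
import re
from collections import Counter
from ntpath import basename, splitext  # Windows path rules on any platform
from typing import List, NamedTuple, Optional

# Assumed for this example: extensions run by Windows Script Host or cmd.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd"}
# Assumed for this example: user-writable folders seen in the thread's fixlist.
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\start menu\\programs\\startup\\")

# "HKCU\...\Run: [name] - <path> ..."  or  "Startup: <path> ..."
ENTRY_RE = re.compile(
    r"^(?:HK\w+\\.*\\(?P<run>Run(?:Once)?): \[[^\]]*\] - "
    r"|(?P<startup>Startup): )(?P<rest>.+)$"
)
# Optional trailer after the path: "[size date] (company) <===== ATTENTION"
TRAILER_RE = re.compile(
    r"\s*(?:\[\d+ \d{4}-\d{2}-\d{2}\])?\s*(?:\([^()]*\))?"
    r"\s*(?P<att><=+ ATTENTION)?\s*$"
)

class Entry(NamedTuple):
    kind: str        # "Run", "RunOnce" or "Startup"
    path: str        # autostart target with the trailer stripped
    attention: bool  # FRST already marked the line

class Finding(NamedTuple):
    kind: str
    path: str
    reasons: List[str]

def parse_entry(line: str) -> Optional[Entry]:
    """Parse one Run/Startup line; other log lines return None."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    rest = m.group("rest")
    t = TRAILER_RE.search(rest)  # always matches, at worst the empty end
    kind = m.group("run") or m.group("startup")
    return Entry(kind, rest[:t.start()], bool(t.group("att")))

def triage(lines: List[str]) -> List[Finding]:
    """Flag script files autostarted from Temp or the Startup folder."""
    entries = [e for e in map(parse_entry, lines) if e]
    names = Counter(basename(e.path).lower() for e in entries)
    findings = []
    for e in entries:
        low = e.path.lower()
        is_script = splitext(low)[1] in SCRIPT_EXTS
        in_user_dir = any(d in low for d in USER_WRITABLE)
        if not (is_script and in_user_dir):
            continue  # e.g. a signed updater under Program Files
        reasons = ["script file autostarted from a user-writable folder"]
        if names[basename(low)] > 1:
            reasons.append("same file name in several autostart locations")
        if e.attention:
            reasons.append("marked ATTENTION by FRST")
        findings.append(Finding(e.kind, e.path, reasons))
    return findings

SAMPLE = [
    # Quoted from the fixlist in the post above.
    r"HKCU\...\Run: [ztorsftdgh] - C:\Users\emhz\AppData\Local\Temp\ztorsftdgh.vbs [19744 2013-08-10] () <===== ATTENTION",
    r"Startup: C:\Users\emhz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ztorsftdgh.vbs ()",
    # Constructed benign entry for contrast (not from the thread).
    r"HKLM\...\Run: [ExampleUpdater] - C:\Program Files\Example\updater.exe [1000 2013-01-01] (Example Corp)",
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f.kind, f.path, "; ".join(f.reasons), sep=" | ")
```

A hit from this heuristic is a reason to review an entry, not proof of infection; removal still goes through a helper-written fixlist as in the post above.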

#8 TB-Psychotic


Posted 06 December 2013 - 06:58 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



