
Disc D Corrupt and black screen on shut down or switching windowed mode


17 replies to this topic

#1 CERBERUSCLH

CERBERUSCLH

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:05:33 AM

Posted 11 July 2015 - 06:32 AM

Hello, I actually have two problems: one came up today, and one started a long time ago but I still haven't solved it. The first one, which appeared today, was a message that Disc D is corrupt. I shut down my computer right away and ran CHKDSK on startup, and it now seems to be fixed, but I'm not even sure what this means. Yesterday I scanned my computer with Malwarebytes (entire computer) and found around 10 viruses. Then I had to restart the computer because Malwarebytes said so, and I clicked restart, and I believe this appeared on startup because of the problem I got some time ago.

When I turn off the computer, or switch from windowed to full screen (or full screen to windowed), I get a black screen, but only if the computer has been running for some time; if it's like 10-15 minutes, it goes fine. To explain more, the computer keeps running, as well as my monitor, but the screen is black like when the monitor is off. I also tried turning the monitor off and on. So because it turned black when restarting, and I was going to sleep anyway, I shut down the computer instead of restarting, using the button on the computer (there is no other way than to do that). And I'm not sure whether this appeared because of a shutdown like that after the virus scan or because of a virus.

So help with both of these problems would be helpful. I'm still not sure whether I have a virus, but I remember right now that when running the second scan with Malwarebytes, I forgot to turn off the antivirus, and the antivirus saw vcredist as a virus. I told the antivirus to ignore it and turned it off (because Malwarebytes is supposed to run without the antivirus on). Sorry if I explained badly, it's kind of hard to remember everything I wrote.


Edited by hamluis, 11 July 2015 - 10:42 AM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:33 AM

Posted 11 July 2015 - 06:56 AM

Do an error scan with HDTune (remove checkmark from Quick Scan). Scan will take some time so please be patient!

If one block turns red, then your hard drive is bad and you need to replace it.



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:33 PM

Posted 11 July 2015 - 09:36 AM

@Firehouse

 

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:
 
Why you should not use Registry Cleaners and Optimization Tools
 
There are numerous programs which purport to improve system performance, make repairs and tune up a computer. Many of them include such features as a registry cleaner, registry optimizer, disk optimizer, etc. Some of these programs even incorporate optimization and registry cleaning features alongside anti-malware capabilities. These registry cleaners and optimizers claim to speed up your computer by finding and removing orphaned and corrupt registry entries that are responsible for slowing down system performance. There is no statistical evidence to back such claims. Advertisements to do so are borderline scams intended to goad users into using an unnecessary and potentially dangerous product.
 
Credit for this goes to Quietman7

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 dc3


Posted 11 July 2015 - 09:40 AM

Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 
================
 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
Note:  The log may be very long.  You may need to break it into parts to post the whole log.
 
=================

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 11 July 2015 - 09:41 AM.



#5 CERBERUSCLH


Posted 11 July 2015 - 09:43 AM

 


I will do that soon, right now I have Malwarebytes scanning still. But I noticed a weird program on my computer installed yesterday: Adobe Flash Player 17 ActiveX and Adobe Flash Player 18 NPAPI. Is that suspicious or just an update to Adobe Flash Player?



#6 CERBERUSCLH


Posted 11 July 2015 - 09:47 AM

And also, I see I'll need to reboot computer. And something might go wrong because of my second problem. The screen becomes black and nothing happens yet computer is still on.



#7 dc3


Posted 11 July 2015 - 10:05 AM

Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download. 
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.

 

================

 

You do not need to quote my posts, it just uses unneeded bandwidth and takes up space.

 

Please download MiniToolBox to your desktop.
 
Right-click on MiniToolBox.exe and select Run as Administrator.
 
You will see an image like the one below.
 
minitoolbox_zps7byuwkla.png
 
Click on the following checkboxes only:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
Click on Go to start the scan.  Once it is finished highlight the text, then copy it and paste it in your topic.



#8 CERBERUSCLH


Posted 11 July 2015 - 10:25 AM

Here is the Malwarebytes log:

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 11.7.2015
Scan Time: 13:21:06
Logfile: 
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.07.11.02
Rootkit Database: v2015.07.10.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: korisnik
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1004334
Time Elapsed: 3 hr, 48 min, 42 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#9 CERBERUSCLH


Posted 11 July 2015 - 10:26 AM



 


Sorry, gave wrong log, here is the one you asked for:

mbam-check result log version:     2.1.1.1001

========================================
 
User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0 
Malwarebytes Anti-Malware:         2.1.6.1022
Installed On:                      2015/05/30
Malware Database:                  2015.07.11.02
Rootkit Database:                  2015.07.10.01
Remediation Database:              2015.07.01.02
IP Database:                       2015.06.12.01
Domain Database:                   2015.06.12.01
License:                           Free
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      1 (The service is not running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2015/07/11 17:26:05
Compatibility Flag Settings:
=================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
F:\PROGRAMI\Poboljsavanje sistema\Windows 7 registry tweaks silent installs\Disable Hibernate\Instal.exeREG_SZ VISTARTM
F:\PROGRAMI\Poboljsavanje sistema\Windows 7 registry tweaks silent installs\Speed up shell response\Instal.exeREG_SZ VISTARTM
C:\Program Files\Echobit\Evolve\EvolveClient.exeREG_SZ DISABLEUSERCALLBACKEXCEPTION
SIGN.MEDIA=3404E14 Network\Realtek\PCIE\WIN7\setup.exeREG_SZ VISTARTM
D:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth ™ II\game.datREG_SZ FaultTolerantHeap
D:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exeREG_SZ HIGHDPIAWARE
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
D:\Program Files (x86)\Guacamelee! Gold Edition\Guac.exeREG_SZ RUNASADMIN HIGHDPIAWARE
C:\Program Files (x86)\Steam\Steam.exeREG_SZ RUNASADMIN
D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exeREG_SZ WIN7RTM
D:\Program Files (x86)\R.G. Mechanics\The Binding of Isaac - Rebirth\isaac-ng.exeREG_SZ RUNASADMIN
D:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exeREG_SZ HIGHDPIAWARE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\MonitorTest\monitortest.exeREG_SZ DisableNXShowUI
D:\Program Files (x86)\Hotline Miami 2 - Wrong Number\HotlineMiami2.exeREG_SZ RUNASADMIN
D:\Program Files (x86)\Europa Universalis IV - Common Sense\eu4.exeREG_SZ RUNASADMIN
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [1e9e32aec3e1eb1b31b8169f33168b56]
C:\Windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.6.0 MD5: [f49fb3c88e263ae9a246593b0bb29294]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 136408    BYTES FileVersion: 0.2.21.0 MD5: [e9cd058c79ea15b4aa93e259fa713b07]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 107736    BYTES FileVersion: 1.1.13.0 MD5: [54d70409de6932e9efa117779611e7a9]
 
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMService:--------------
Type:                   16
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   2
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
 
C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1077336   BYTES FileVersion: 6.1.95.45 MD5: [f7bbb7d79adb9e3adc13f3b3c33d3d4d]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              -15 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Marketing: 
    LastPostScanMarketingIndex:                                4 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       3000 
ScanHistory: 
    Duration_Complete:                                         167230 
    Duration_Driver:                                           13912 
    Duration_Filesystem:                                       87 
    Duration_Heuristics:                                       13445864 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 66 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          18159 
    Duration_Registry:                                         12732 
    Duration_Sector:                                           0 
    Duration_Startup:                                          11522 
    ItemCount_Complete:                                        279867 
    ItemCount_Driver:                                          331 
    ItemCount_Filesystem:                                      53718 
    ItemCount_Heuristics:                                      668351 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                1 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         0 
    ItemCount_Registry:                                        616 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         1388 
    LastScanDateEpoch:                                         1436613666834 
    LastScanType:                                              3 (Hyper Scan)
Update: 
    LastUpdate:                                                2015-07-11T11:21:06 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    7 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Free 
  Expiration Time:                                              
  Activation Time:                                              
  Trial Used:                                                  false 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
PassThruFile                  REG_SZ mbampt.exe
ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
 
MBAMScheduler Registry Values:
==============================
 
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
Proxy Server: 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyServer REG_SZ 223.252.33.217:80
 
LAN Settings:
=============
 
No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ H:mm:ss
REG_SZ
REG_SZ
REG_SZ
 
Language and Regional Settings:
===============================
 
ACP: 1250 Please refer to this link for details: Here 
MACCP: 10029 Please refer to this link for details: Here 
OEMCP: 852 Please refer to this link for details: Here 
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\accessible
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
 
C:\Users\korisnik\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.Multiplug, Date: 2015/07/10 16:44:41, Type: Registry Key, Location: HKU\S-1-5-21-1227359831-991995275-1298296250-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\REGEDIT.EXE|Debugger
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\REGEDIT.EXE|Debugger
Vendor: PUP.Optional.Somoto, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER.EXE|Debugger
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER.EXE
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVZ.EXE|Debugger
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER.EXE|Debugger
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVZ.EXE|Debugger
Vendor: PUP.Optional.OneClickDownloader.A, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000
Vendor: PUP.Optional.Multiplug, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Temp\5BA0\temp\sevensetup.exe
Vendor: VirTool.Obfuscator, Date: 2015/07/10 16:44:41, Type: File, Location: D:\Program Files (x86)\Saints Row IV\steam_api.dll
Vendor: PUP.Optional.Multiplug, Date: 2015/07/10 16:44:41, Type: Registry Key, Location: HKU\S-1-5-21-1227359831-991995275-1298296250-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVZ.EXE
Vendor: PUP.Optional.OneClickDownloader.A, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000
Vendor: Trojan.Passwords.GM, Date: 2015/07/10 16:44:41, Type: File, Location: D:\Program Files (x86)\Watch Dogs\Watch Dogs\bin\3dmGameDll.dll
Vendor: PUP.Optional.APNToolBar.A, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGZ8NHSJ\YTDSetup-149215245[1].exe
Vendor: PUP.Optional.Multiplug, Date: 2015/07/10 16:44:41, Type: File, Location: C:\ProgramData\{9611eb22-481a-b339-9611-1eb22481ac89}\sevensetup.exe
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER.EXE
Vendor: PUP.Optional.Multiplug, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Temp\nsg7E7D.tmp\sevensetup.exe
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\REGEDIT.EXE
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVZ.EXE
Vendor: Security.Hijack, Date: 2015/05/30 16:20:55, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\REGEDIT.EXE
Vendor: PUP.Optional.Somoto.A, Date: 2015/07/10 16:44:41, Type: File, Location: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000


#10 CERBERUSCLH

Posted 11 July 2015 - 10:34 AM

 

Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download. 
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.

 

================

 

You do not need to quote my posts, it just uses unneeded bandwidth and takes up space.

 

Please download MiniToolBox to your desktop.
 
Right-click on MiniToolBox.exe and select Run as Administrator.
 
You will see an image like the one below.
 
minitoolbox_zps7byuwkla.png
 
Click on the following checkboxes only:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
Click on Go to start the scan.  Once it is finished highlight the text, then copy it and paste it in your topic.

 

http://speccy.piriform.com/results/NtQOHrNaTkbODUs1u6ob1Wj Here's the Speccy link, I'll download the first program you linked me to download now.



#11 dc3

Posted 11 July 2015 - 11:34 AM

You do not need to quote my posts, it just takes up room.
 
Why do you have AVG disabled?  In view of the infections found in Malwarebytes I would think that you would want all the protection you can get.
 
Your CPU is running very hot.  You need to look inside the case to see if there is an accumulation of dust in the CPU heatsink and fan assembly.
 
If you have not already run the MiniToolBox, don't.  We need to take another look at the infections which were found.

 

================

 

Please download and install Emsisoft.
 
1.  When Emsisoft opens click on Update.
 
emsisoft6_zpsace019ac.png
 
2.  Click on Full Scan.
 
emsisoft7_zps9186dacd.png
 
3.  After the scan has completed the results will be displayed.  Make sure there is a check in the box of each item found, then click on Quarantine.
 
emsisoft9_zpsf493a30a.png
 
4.  After the items have been quarantined click on OK.
 
emsisoft10_zpscd89d5de.png
 
5.  After the quarantine has been completed click on Logs.
 
emsisoft11_zps7f976399.png
 
6.  Click on Export and save the log to a location which you will be able to find and open.  Open the log, copy and then paste the log in your topic.
 
emsisoft12_zpsb7365391.png
 

================

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#12 CERBERUSCLH

Posted 11 July 2015 - 11:42 AM

I turned off AVG because when scanning with Malwarebytes it's suggested to turn it off. I have it turned off most of the time.


And there's no dust in my PC, it's new. I'll run Emsisoft now.



#13 dc3

Posted 11 July 2015 - 11:51 AM

Something is causing your CPU to run at 75C, that's too hot.

 

Unless you are offline I wouldn't turn off your antivirus.  You have a trojan which may be on this computer because you weren't running your antivirus.


Edited by dc3, 11 July 2015 - 11:53 AM.



#14 CERBERUSCLH

Posted 11 July 2015 - 11:55 AM

Hey, sorry, I have only 3 options: Quick Scan, Malware Scan and Custom Scan in the Emsisoft Emergency Kit program you requested. And so I will have to leave the antivirus ON while scanning with Emsisoft?



#15 CERBERUSCLH

Posted 11 July 2015 - 11:57 AM

Also, what kind of trojan do I have? Am I safe to log in to things like email, Steam, PayPal and similar?





