antfarmer

  1. Sorry to keep you waiting! Thankfully, this time it worked, and I've managed to successfully install Malwarebytes. I'll post the log just in case. Feel free to close this thread now. Thank you so much! _Windows_Repair_Log.txt
  2. Malwarebytes still won't install, but here's the other logs you requested:

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.1.4 (04.06.2014:1)
     OS: Windows 7 Home Premium x64
     Ran by Matt on 04/24/2014 Thu at 15:23:33.69
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values

     ~~~ Registry Keys

     ~~~ Files

     ~~~ Folders

     ~~~ FireFox

     Emptied folder: C:\Users\Matt\AppData\Roaming\mozilla\firefox\profiles\t34g7ha4.default\minidumps [7 files]

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on 04/24/2014 Thu at 15:28:38.11
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     # AdwCleaner v3.202 - Report created 24/04/2014 at 15:17:08
     # Updated 23/04/2014 by Xplode
     # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
     # Username : Matt - MATT-PC
     # Running from : C:\Users\Matt\Desktop\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     ***** [ Browsers ] *****

     -\\ Internet Explorer v11.0.9600.16518

     -\\ Mozilla Firefox v28.0 (en-US)

     [ File : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\t34g7ha4.default\prefs.js ]

     -\\ Google Chrome v33.0.1750.146

     [ File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************

     AdwCleaner[R0].txt - [891 octets] - [24/04/2014 15:16:23]
     AdwCleaner[s0].txt - [1490 octets] - [24/04/2014 15:17:08]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1550 octets] ##########

     Fixlog.txt
  3. Whoops, here's the content of FRST.txt:
  4. Malwarebytes refused to run, so I uninstalled it using mbam-clean (which itself was a hassle, having to deal with rewritten permissions and "error 5"), then attempted to reinstall it in Safe Mode, only to be greeted by "Error 183: Cannot create a new file when that file exists" on multiple files, such as rules.ref and actions.ref. The culprit seems to be "load32.exe", from what I can tell, but I don't know how to remove it. I've attached my Combofix log. Thank you for your time and assistance. ComboFix.txt