
snaggles

My brother said his computer has been giving weird performance spikes, so I decided to try and run MBAM to see if it's something icky like a virus or w/e and it freezes on the last part of the scan. Like, I've given it approx 48 hours to finish yet it still doesn't, so that makes me think it's something a little more nasty.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Tony (administrator) on 1D4EVR on 20-07-2014 14:30:15
Running from C:\Users\Tony\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ================= (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Scarlet.Crush Productions) C:\XInput-Wrapper-SCP-2.2.1.88\ScpServer\bin\ScpService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Windows\System32\dmwu.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe () C:\Windows\SysWOW64\jmdp\stij.exe () C:\Windows\System32\ljkb\stij.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Microsoft Corporation.) 
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ASUSQuickGesture(x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUSTPLoader(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek) HKLM\...\Run: [ASUSQuickGesture(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) 
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-09] (RealNetworks, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-10] (Microsoft Corporation) HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.) 
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-15] (Valve Corporation) HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [{A1264D7F-CEF6-4033-8F9D-3E27392E3627}] => "C:\Users\Tony\Downloads\Terraria v1.2.0.2 cracked-KEBAB Full Installer\setup.exe" /cmdloc "HKCU\Sof (the data entry has 59 more characters). HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [TBHostSupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\TBHostSupport\TBHostSupport.dll",DLL (the data entry has 23 more characters). <===== ATTENTION HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [APISupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\Conduit\APISupport\APISupport.dll",D (the data entry has 16 more characters). <===== ATTENTION HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2014-01-05] (Adobe Systems Incorporated) HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: D - D:\AutoRun.exe "Start.htm" HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: {1d4bf47a-d61d-11e3-9c7a-08606e0243df} - E:\TL-BootStrap.exe HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: {44e31dbe-22e0-11e3-8b2b-08606e0243df} - F:\setup.exe HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.) 
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-15] (Valve Corporation) HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [{A1264D7F-CEF6-4033-8F9D-3E27392E3627}] => "C:\Users\Tony\Downloads\Terraria v1.2.0.2 cracked-KEBAB Full Installer\setup.exe" /cmdloc "HKCU\Sof (the data entry has 59 more characters). HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBHostSupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\TBHostSupport\TBHostSupport.dll",DLL (the data entry has 23 more characters). <===== ATTENTION HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [APISupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\Conduit\APISupport\APISupport.dll",D (the data entry has 16 more characters). 
<===== ATTENTION HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2014-01-05] (Adobe Systems Incorporated) HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: D - D:\AutoRun.exe "Start.htm" HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1d4bf47a-d61d-11e3-9c7a-08606e0243df} - E:\TL-BootStrap.exe HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {44e31dbe-22e0-11e3-8b2b-08606e0243df} - F:\setup.exe AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3314312&octid=CT3314312&SearchSource=61&CUI=UN40910556301108517&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x981BE34CF6ACCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us SearchScopes: HKLM-x32 - DefaultScope {87039B55-C160-4C4C-BE53-9ABC9A3C101E} URL = SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {87039B55-C160-4C4C-BE53-9ABC9A3C101E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314312&CUI=UN40910556301108517&UM=2 BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program 
Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 FireFox: ======== FF ProfilePath: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\searchplugins\MyStart Search.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-05-24] FF Extension: Adblock Plus - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-24] FF Extension: Greasemonkey - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-06-09] FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-09] Chrome: ======= CHR HomePage: 
hxxp://search.conduit.com/?ctid=CT3314312&SearchSource=48&CUI=UN37402386449835186&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV=&SAT=SCH CHR NewTab: "chrome-extension://eibleipkbineaadpnemmalkahodjhdbd/Search/NewTabPages/html/new_tab.html" CHR DefaultSearchKeyword: trovi.search CHR DefaultSearchURL: http:\/\/search.conduit.com\/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN37402386449835186&ctid=CT3314312&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV=&SAT=GLO CHR DefaultNewTabURL: https://search.conduit.com/?gd=&ctid=CT3314312&octid=CT3314312&ISID=ISID_ID&SearchSource=15&CUI=UN37402386449835186&SSPV=&lay=3&p=cnts&UM=2&SAT=CNTS CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15] CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-09] CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-09] CHR Extension: (SweetPacks A5) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd [2013-10-13] CHR Extension: (WordOv) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh [2013-10-13] CHR Extension: (RealDownloader) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-09] CHR Extension: (Google Wallet) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23] CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-09] CHR Extension: (Extutil) - C:\Users\Tony\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-02-01] CHR Extension: (Managera) - 
C:\Users\Tony\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-02-01] CHR HKCU\...\Chrome\Extension: [eibleipkbineaadpnemmalkahodjhdbd] - C:\Users\Tony\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx [2013-10-09] CHR HKLM-x32\...\Chrome\Extension: [eibleipkbineaadpnemmalkahodjhdbd] - C:\Users\Tony\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx [2013-10-09] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ==================== Services (Whitelisted) ================= R2 Ds3Service; C:\XInput-Wrapper-SCP-2.2.1.88\ScpServer\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions) R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1761584 2013-09-17] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [56704 2012-09-11] (ASUS Corporation) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2014-02-16] (http://libusb-win32.sourceforge.net) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation) R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-20 14:30 - 2014-07-20 14:31 - 00021495 
_____ () C:\Users\Tony\Desktop\FRST.txt 2014-07-20 14:30 - 2014-07-20 14:30 - 00000000 ____D () C:\FRST 2014-07-20 14:25 - 2014-07-20 14:25 - 02089984 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe 2014-07-20 14:25 - 2014-07-20 14:25 - 00017906 _____ () C:\Users\Tony\Desktop\W8T1o6Kd.htm 2014-07-20 13:42 - 2014-07-20 13:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tony\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-18 17:37 - 2014-07-18 17:39 - 00000000 ____D () C:\Users\Tony\Desktop\games 'n' stuff 2014-07-17 19:45 - 2014-07-17 19:49 - 698992994 _____ () C:\Users\Tony\Downloads\Otaku's Dream Mix 1.zip 2014-07-17 17:19 - 2014-07-20 13:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-17 17:19 - 2014-07-20 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-17 17:19 - 2014-07-20 13:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-17 17:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-17 17:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-17 12:46 - 2014-07-17 12:46 - 00018370 _____ () C:\Users\Tony\Downloads\User.ini 2014-07-13 22:46 - 2014-07-13 22:48 - 00000000 ____D () C:\Users\Tony\Documents\GTA San Andreas User Files 2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-07-10 10:28 - 2014-07-10 10:28 - 00000000 ____D () C:\Users\Tony\Documents\streumon 2014-07-08 18:27 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-08 18:27 - 
2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-08 18:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-08 18:27 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-08 18:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-08 18:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-08 18:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-08 18:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-08 18:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-08 18:27 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-08 18:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-08 18:27 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-08 18:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-08 18:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-08 18:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-08 18:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-08 18:27 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-08 18:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-08 18:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-08 
18:27 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-08 18:27 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-08 18:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-08 18:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-08 18:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-08 18:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-08 18:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-08 18:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-08 18:27 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-08 18:27 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-08 18:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-08 18:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-08 18:27 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-08 18:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-08 18:27 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-08 18:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-08 18:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-08 18:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-08 
18:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-08 18:27 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-08 18:27 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-08 18:27 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-08 18:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-08 18:27 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-08 18:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-08 18:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-08 18:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-08 18:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-08 18:27 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-08 18:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-08 18:27 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-08 18:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-08 18:27 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-08 18:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-08 18:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-08 18:27 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-08 18:27 - 
2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-08 18:24 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-08 18:24 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-08 18:24 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-08 18:24 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-08 18:24 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-08 18:24 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-08 18:24 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-08 18:24 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 18:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-08 18:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-08 18:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-30 20:02 - 2014-06-30 20:02 - 00000000 ____D () C:\Users\Tony\Documents\Tribute Games
2014-06-26 16:48 - 2014-06-26 16:48 - 00279968 _____ () C:\Windows\Minidump\062614-22588-01.dmp
2014-06-20 20:40 - 2014-07-12 17:29 - 00000000 ____D () C:\Users\Tony\AppData\Local\nuclearthrone

==================== One Month Modified Files and Folders =======

2014-07-20 14:31 - 2014-07-20 14:30 - 00021495 _____ () C:\Users\Tony\Desktop\FRST.txt
2014-07-20 14:30 - 2014-07-20 14:30 - 00000000 ____D () C:\FRST
2014-07-20 14:26 - 2013-09-05 17:56 - 01890039 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 14:25 - 2014-07-20 14:25 - 02089984 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2014-07-20 14:25 - 2014-07-20 14:25 - 00017906 _____ () C:\Users\Tony\Desktop\W8T1o6Kd.htm
2014-07-20 13:45 - 2014-07-17 17:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 13:43 - 2014-07-17 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 13:43 - 2014-07-17 17:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 13:43 - 2014-01-12 13:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 13:42 - 2014-07-20 13:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tony\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 13:35 - 2013-09-09 08:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 13:06 - 2013-09-08 20:32 - 00128071 _____ () C:\Windows\setupact.log
2014-07-20 12:40 - 2013-10-20 12:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 12:40 - 2013-09-29 10:31 - 00000000 ____D () C:\Users\Tony\Documents\My Games
2014-07-20 09:35 - 2013-09-09 08:49 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 17:39 - 2014-07-18 17:37 - 00000000 ____D () C:\Users\Tony\Desktop\games 'n' stuff
2014-07-18 14:55 - 2013-10-25 17:32 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\foobar2000
2014-07-18 13:59 - 2013-09-09 08:50 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 03:00 - 2013-10-13 19:59 - 00000000 ____D () C:\ProgramData\Skype
2014-07-17 19:49 - 2014-07-17 19:45 - 698992994 _____ () C:\Users\Tony\Downloads\Otaku's Dream Mix 1.zip
2014-07-17 19:35 - 2014-03-31 20:26 - 00000000 ____D () C:\Users\Tony\Desktop\Stepmania 3.95
2014-07-17 18:41 - 2013-10-13 20:01 - 00000000 ____D () C:\Users\Tony\AppData\Local\WordOv
2014-07-17 18:41 - 2013-10-13 20:01 - 00000000 ____D () C:\Program Files (x86)\SweetPacks_A5
2014-07-17 17:19 - 2014-01-12 13:55 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Malwarebytes
2014-07-17 17:19 - 2014-01-12 13:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-17 17:19 - 2014-01-12 13:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-17 12:46 - 2014-07-17 12:46 - 00018370 _____ () C:\Users\Tony\Downloads\User.ini
2014-07-16 12:44 - 2013-09-09 08:50 - 00003334 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3989734936-3346916331-944819991-1000
2014-07-16 12:44 - 2013-09-09 08:50 - 00003198 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3989734936-3346916331-944819991-1000
2014-07-13 22:48 - 2014-07-13 22:46 - 00000000 ____D () C:\Users\Tony\Documents\GTA San Andreas User Files
2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-07-13 22:35 - 2013-09-08 20:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-12 17:29 - 2014-06-20 20:40 - 00000000 ____D () C:\Users\Tony\AppData\Local\nuclearthrone
2014-07-11 03:18 - 2009-07-14 00:45 - 00020416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 03:18 - 2009-07-14 00:45 - 00020416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-10 10:37 - 2013-09-09 18:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-10 10:37 - 2013-09-09 18:46 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-07-10 10:28 - 2014-07-10 10:28 - 00000000 ____D () C:\Users\Tony\Documents\streumon
2014-07-10 07:36 - 2013-10-13 20:01 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-09 12:52 - 2013-10-13 20:00 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Skype
2014-07-09 12:48 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 12:43 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 12:43 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 12:41 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 12:41 - 2009-07-14 03:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 12:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 12:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 08:24 - 2013-09-09 19:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 08:22 - 2013-09-09 19:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-30 20:02 - 2014-06-30 20:02 - 00000000 ____D () C:\Users\Tony\Documents\Tribute Games
2014-06-30 20:02 - 2013-10-31 14:02 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-06-29 22:09 - 2014-07-08 18:24 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-08 18:24 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 16:28 - 2014-06-01 21:07 - 00000000 ____D () C:\Users\Tony\Documents\My Kindle Content
2014-06-26 16:48 - 2014-06-26 16:48 - 00279968 _____ () C:\Windows\Minidump\062614-22588-01.dmp
2014-06-26 16:48 - 2013-12-03 16:32 - 00000000 ____D () C:\Windows\Minidump
2014-06-26 16:47 - 2013-12-03 16:32 - 511476772 _____ () C:\Windows\MEMORY.DMP
2014-06-26 16:47 - 2013-09-08 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:49 - 2013-09-09 18:56 - 00117001 _____ () C:\Windows\DirectX.log
2014-06-20 16:14 - 2014-07-08 18:27 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 15:39 - 2014-07-08 18:27 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Tony\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Tony\AppData\Local\Temp\Core.dll
C:\Users\Tony\AppData\Local\Temp\ICReinstall_Audacity_setup.exe
C:\Users\Tony\AppData\Local\Temp\ICReinstall_BitlordSetup.exe
C:\Users\Tony\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Tony\AppData\Local\Temp\nsj78F5.exe
C:\Users\Tony\AppData\Local\Temp\nso6EB5.exe
C:\Users\Tony\AppData\Local\Temp\nstC03E.exe
C:\Users\Tony\AppData\Local\Temp\nsy1B7A.exe
C:\Users\Tony\AppData\Local\Temp\nsy41DB.exe
C:\Users\Tony\AppData\Local\Temp\nsy4A66.exe
C:\Users\Tony\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Tony\AppData\Local\Temp\Setup.exe
C:\Users\Tony\AppData\Local\Temp\Shortcut_IMsetup.exe
C:\Users\Tony\AppData\Local\Temp\SPSetup.exe
C:\Users\Tony\AppData\Local\Temp\SPStub.exe
C:\Users\Tony\AppData\Local\Temp\SweetIMInstallValidator.exe
C:\Users\Tony\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tony\AppData\Local\Temp\Window.dll
C:\Users\Tony\AppData\Local\Temp\WSSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 06:55

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by Tony at 2014-07-20 14:31:41
Running from C:\Users\Tony\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

1001 Spikes (HKLM-x32\...\Steam App 260790) (Version: - Nicalis, Inc.)
140 (HKLM-x32\...\Steam App 242820) (Version: - Carlsen Games)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Audiosurf 2 - Beta (HKLM-x32\...\{DDA55E82-39A4-4692-999D-4B2A363241CE}_is1) (Version: - )
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
calibre (HKLM-x32\...\{8C31E86B-2A66-40E8-BF47-32A25D65DB12}) (Version: 1.15.0 - Kovid Goyal)
Cargo Commander (HKLM-x32\...\Steam App 220460) (Version: - Serious Brew)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version: - Nicalis)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version: - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version: - James Athey)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Drunken Robot Pornography 1.0 (HKLM-x32\...\Drunken Robot Pornography 1.0) (Version: 1.0 - Cat-A-Cat)
DuckTales Remastered (HKLM-x32\...\RHVja1RhbGVzUmVtYXN0ZXJlZA==_is1) (Version: 1 - )
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version: - Streum On Studio)
Electronic Super Joy (HKLM-x32\...\Steam App 244870) (Version: - Michael Todd Games)
Element4l (HKLM-x32\...\Steam App 235820) (Version: - I-Illusions)
foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)
FTL version 1.03.3 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.3 - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{E0303B6A-C675-4102-95DA-C013625BFA99}) (Version: 1.00.00001 - Rockstar Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve)
Hotline Miami (HKLM-x32\...\GOGPACKHOTLINEMIAMI_is1) (Version: 2.0.0.4 - GOG.com)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 4.0.7.6 - ) <==== ATTENTION
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel PROSet Wireless (Version: - ) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3257 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Jamestown (HKLM-x32\...\Steam App 94200) (Version: - Final Form Games)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Lone Survivor: The Director's Cut (HKLM-x32\...\Steam App 209830) (Version: - Jasper Byrne)
Magicite (HKLM-x32\...\Steam App 268750) (Version: - SmashGames)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version: - Tribute Games Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.3 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.3 - MPC-HC Team)
Mutant Mudds Deluxe (HKLM-x32\...\Steam App 247370) (Version: - Renegade Kid)
My Game Long Name (HKLM\...\UDK-8db7e1ad-85d8-4840-a57b-1d93719367e6) (Version: - Epic Games, Inc.)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Nuclear Throne (HKLM-x32\...\Steam App 242680) (Version: - Vlambeer)
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Painkiller Black Edition version 0.0.0.9 (HKLM-x32\...\Painkiller Black Edition_is1) (Version: 0.0.0.9 - WaLMaRT)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Scoregasm (HKLM-x32\...\Steam App 202410) (Version: - RC Knight)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.13.48 - Client Connect LTD) <==== ATTENTION
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version: - )
Shelter (HKLM-x32\...\Steam App 244710) (Version: - Might and Delight)
Skullgirls (HKLM-x32\...\Skullgirls_is1) (Version: - )
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StepMania v5.0 beta 2a (remove only) (HKLM-x32\...\StepMania 5) (Version: - StepMania Team)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version: - sparsevector)
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version: - Megadev)
Super House of Dead Ninjas v0.8.7 incl. True Ninja Pack (HKLM-x32\...\U3VwZXJIb3VzZW9mRGVhZE5pbmphc3YwODdpbmNsVHJ1ZU5p~01254CA9_is1) (Version: 1 - )
SweetPacks A5 Toolbar for IE (HKLM-x32\...\IECT3314312) (Version: 6.17.0.33 - SweetPacks A5) <==== ATTENTION
Terraria v1.2.0.2 cracked-KEBAB (HKLM-x32\...\{A1264D7F-CEF6-4033-8F9D-3E27392E3627}) (Version: 1.2.0.2 - KEBAB)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
USB GamePad (HKLM-x32\...\{B8CDAD75-96FB-48A5-A2AE-6515DDEB7BFA}) (Version: 3.85 - My Company Name)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Windows Driver Package - ASUS (ATP) Mouse (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinImage (HKLM-x32\...\WinImage) (Version: - )
WordOv (HKCU\...\WordOv) (Version: 3 - wordoverview.com)

==================== Restore Points =========================

17-07-2014 07:00:10 Windows Update
18-07-2014 07:00:11 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {015BF913-CFBA-4200-BF73-051B1B718E47} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {41AEAF5C-E25F-4C1C-A6D9-86CDA70D8881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09] (Google Inc.)
Task: {51D423BB-AEA0-44FF-AA91-39D5D8BBAC8B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {89738C1F-1E83-43A5-A053-11889FD45E29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09] (Google Inc.)
Task: {D592A8DB-C898-4E56-8264-45A80FF25C88} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3989734936-3346916331-944819991-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D7C9A2BF-7082-42FA-90BF-19E44F936281} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3989734936-3346916331-944819991-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EF693A16-35A3-476D-87B1-28F7D54F9D54} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-13 20:00 - 2013-09-17 13:25 - 01761584 _____ () C:\Windows\system32\dmwu.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 13:25 - 2013-09-17 13:25 - 00415024 ____N () C:\Windows\SysWOW64\jmdp\stij.exe
2013-09-17 13:25 - 2013-09-17 13:25 - 00473392 _____ () C:\Windows\System32\ljkb\stij.exe
2013-09-17 13:25 - 2013-09-17 13:25 - 01321472 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-09-17 13:23 - 2013-09-17 13:23 - 01062912 ____N () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-05-24 09:32 - 2014-07-11 20:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 10:06 - 2014-07-11 20:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-24 09:32 - 2014-07-11 20:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-10 16:46 - 2014-07-11 20:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-08-21 14:18 - 2014-06-26 18:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-24 09:32 - 2014-07-15 22:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-24 09:32 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-10-08 18:19 - 2014-07-15 22:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-10 14:20 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-18 08:42 - 2014-06-18 08:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-05 17:37 - 2014-01-05 17:37 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2014 08:00:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Faulting module name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Exception code: 0xc0000005
Fault offset: 0x00000000002421b2
Faulting process id: 0x186d74
Faulting application start time: 0xmpc-hc64.exe0
Faulting application path: mpc-hc64.exe1
Faulting module path: mpc-hc64.exe2
Report Id: mpc-hc64.exe3

Error: (07/18/2014 03:01:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/18/2014 03:00:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details: AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed
System Error: The system cannot find the file specified. .

Error: (07/17/2014 11:54:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

Error: (07/17/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/16/2014 07:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Faulting module name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Exception code: 0xc0000005
Fault offset: 0x000000000019f6d3
Faulting process id: 0x8207c
Faulting application start time: 0xmpc-hc64.exe0
Faulting application path: mpc-hc64.exe1
Faulting module path: mpc-hc64.exe2
Report Id: mpc-hc64.exe3

Error: (07/15/2014 05:01:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

Error: (07/15/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/12/2014 06:24:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/12/2014 02:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (07/20/2014 01:30:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.

Error: (07/18/2014 04:31:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: %%1053

Error: (07/18/2014 04:31:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/18/2014 03:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/17/2014 03:01:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/15/2014 08:22:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: %%1053

Error: (07/15/2014 08:22:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/15/2014 03:01:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/13/2014 01:33:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/12/2014 06:25:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Microsoft Office Sessions:
=========================
Error: (07/20/2014 08:00:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mpc-hc64.exe1.7.3.052ee6a9empc-hc64.exe1.7.3.052ee6a9ec000000500000000002421b2186d7401cfa354ccfca87bC:\Program Files\MPC-HC\mpc-hc64.exeC:\Program Files\MPC-HC\mpc-hc64.exe7f575593-1005-11e4-89b7-08606e0243df

Error: (07/18/2014 03:01:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2014 03:00:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details: AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed
System Error: The system cannot find the file specified.

Error: (07/17/2014 11:54:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Tony\Downloads\vcredist_arm.exe

Error: (07/17/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/16/2014 07:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mpc-hc64.exe1.7.3.052ee6a9empc-hc64.exe1.7.3.052ee6a9ec0000005000000000019f6d38207c01cfa08a8ddaff5fC:\Program Files\MPC-HC\mpc-hc64.exeC:\Program Files\MPC-HC\mpc-hc64.exe8c905180-0cdb-11e4-89b7-08606e0243df

Error: (07/15/2014 05:01:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/15/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/12/2014 06:24:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/12/2014 02:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3981.68 MB
Available physical RAM: 1450.61 MB
Total Pagefile: 7961.53 MB
Available Pagefile: 4680.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:328.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DAAD3D47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================