Update issue


Hey all, I've been using Malwarebytes for quite some time now, and this is my first time encountering any type of problem with it. I tried the clean uninstall / reinstall with no success. It won't even begin scanning before it says that the program has stopped working.

I've been doing some research here on the forums and saw that diagnostic logs are a good way to find the cause of the error... so here are mine. I will also attach the mbam-check log. I'm a bit of a noob with all of this, so hopefully I've done it correctly.

 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by HP (administrator) on HP-ELITE on 05-07-2014 13:19:00
Running from C:\Users\HP\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\pcreg\pcreg.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [beatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-08-24] (Hewlett-Packard )
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-04-11] (Logitech Inc.)
HKLM\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe [89816 2014-06-01] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [fst_us_113] => [X]
HKLM-x32\...\Run: [t4pc_en_6] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\Run: [GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\Run: [GetNowUpdater] => "C:\Users\HP\AppData\Roaming\GetNowUpdater\update.0\bin\GetNowUpdater.exe" /autoupdate
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: K - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {130b5a50-4e1f-11e2-8d85-806e6f6e6963} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {130b5a8d-4e1f-11e2-8d85-446d57853d5b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {5df4381c-c8c3-11e2-8ee8-446d57853d5b} - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {63cf54f1-613c-11e2-ab5c-446d57853d5b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {c4020ac7-8326-11e2-8c8f-446d57853d5b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4135122001-3849731273-3069520198-1000\...\MountPoints2: {e7643abc-4ad9-11e2-9daf-446d57853d5b} - J:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
ShellIconOverlayIdentifiers: 4SyncIconOverlayEnable -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => C:\PROGRA~2\4Sync\ShellExt.dll No File
ShellIconOverlayIdentifiers: 4SyncIconOverlayError -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => C:\PROGRA~2\4Sync\ShellExt.dll No File
ShellIconOverlayIdentifiers: 4SyncIconOverlayOk -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => C:\PROGRA~2\4Sync\ShellExt.dll No File
ShellIconOverlayIdentifiers: 4SyncIconOverlayUpdate -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => C:\PROGRA~2\4Sync\ShellExt.dll No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4FA754BDA16ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {F2C7AC5C-B9C3-44BA-B644-A73511ED08E3} URL = http://www.mysearchresults.com/search?&c=2646&t=03&q={searchTerms}
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Hosts: 54.221.22.25 epjpfmkiegfpfhiaohimeiamofnpdkgj
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\HP\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-08]
 
Chrome: 
=======
CHR HomePage: hxxp://verizon.yahoo.com/
CHR StartupUrls: "hxxp://verizon.yahoo.com/"
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\HP\AppData\Local\speedial.crx [2013-08-21]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\HP\AppData\Local\mysearchdial-speeddial.crx [2013-08-21]
CHR HKCU\...\Chrome\Extension: [jeedhehdfjahfpjhaedmaohbfcdkoolg] - C:\Users\HP\AppData\Local\CRE\jeedhehdfjahfpjhaedmaohbfcdkoolg.crx [2013-01-16]
CHR HKLM-x32\...\Chrome\Extension: [jeedhehdfjahfpjhaedmaohbfcdkoolg] - C:\Users\HP\AppData\Local\CRE\jeedhehdfjahfpjhaedmaohbfcdkoolg.crx [2013-01-16]
 
==================== Services (Whitelisted) =================
 
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-04-10] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [File not signed]
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-20] (Razer, Inc.)
S2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R1 MpKsl37c42c89; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A14E5922-42E0-4ED6-AFF7-6A7702EF9666}\MpKsl37c42c89.sys [45352 2014-07-05] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-20] (Razer, Inc.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-14] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-20] (Razer, Inc.)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [34984 2013-11-14] (Razer Inc)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-05 13:19 - 2014-07-05 13:19 - 00019255 _____ () C:\Users\HP\Downloads\FRST.txt
2014-07-05 13:18 - 2014-07-05 13:19 - 00000000 ____D () C:\FRST
2014-07-05 13:18 - 2014-07-05 13:18 - 02084352 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2014-07-05 13:07 - 2014-07-05 13:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 13:05 - 2014-07-05 13:05 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 13:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 13:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 13:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 13:04 - 2014-07-05 13:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 13:01 - 2014-07-05 13:01 - 00321848 _____ (Malwarebytes Corporation) C:\Users\HP\Downloads\mbam-clean-2.1.1.1001.exe
2014-07-05 12:41 - 2014-07-05 12:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-05 12:35 - 2014-07-05 12:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-27 14:36 - 2014-06-26 10:34 - 00464160 _____ (Sendori) C:\Windows\system32\Sendori64.dll
2014-06-22 21:28 - 2014-06-22 21:28 - 697332780 _____ () C:\Users\HP\Downloads\MY FAVORITE PAWG IN LEGGINGS EVER!.mp4
2014-06-22 11:36 - 2014-06-22 11:36 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
2014-06-20 12:09 - 2014-06-20 12:09 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-20 12:07 - 2014-06-20 12:07 - 00000000 ____D () C:\ProgramData\374311380
2014-06-20 12:05 - 2014-06-20 12:05 - 00003120 _____ () C:\Windows\System32\Tasks\{D0DAF671-2131-436B-9814-AC88968BB3A4}
2014-06-20 12:04 - 2014-06-20 12:06 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-20 12:04 - 2014-06-20 12:04 - 00000000 ____D () C:\Users\HP\AppData\Local\globalUpdate
2014-06-20 12:04 - 2014-06-20 12:04 - 00000000 ____D () C:\Users\HP\AppData\Local\com
2014-06-20 12:03 - 2014-06-20 12:03 - 01390920 _____ () C:\Users\HP\Downloads\Setup.exe
2014-06-20 12:03 - 2014-06-20 12:03 - 01390920 _____ () C:\Users\HP\Downloads\Setup (1).exe
2014-06-20 07:01 - 2014-06-20 07:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c9028ba18b0.job
2014-06-17 22:18 - 2014-06-17 22:18 - 00000003 _____ () C:\Users\HP\AppData\Local\proxy.log
2014-06-12 22:34 - 2014-06-12 22:34 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Oracle
2014-06-12 22:33 - 2014-06-12 22:33 - 00005499 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-12 22:33 - 2014-06-12 22:33 - 00000000 ____D () C:\Windows\Sun
2014-06-12 22:33 - 2014-06-12 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-12 22:19 - 2014-06-12 22:19 - 00284224 _____ (Mozilla) C:\Users\HP\Downloads\Firefox Setup Stub 30.0.exe
2014-06-11 15:24 - 2014-05-28 11:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 15:24 - 2014-05-28 11:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 15:24 - 2014-05-28 11:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 15:24 - 2014-05-28 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 15:24 - 2014-05-28 11:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 15:24 - 2014-05-28 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 15:24 - 2014-05-28 11:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-11 15:24 - 2014-05-28 11:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 15:24 - 2014-05-28 11:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 15:24 - 2014-05-28 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 15:24 - 2014-05-28 11:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 15:24 - 2014-05-28 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 15:24 - 2014-05-28 11:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 15:24 - 2014-05-28 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 15:24 - 2014-05-28 11:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 15:24 - 2014-05-28 11:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 15:24 - 2014-05-28 11:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 15:24 - 2014-05-28 11:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-11 15:24 - 2014-05-28 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-11 15:24 - 2014-05-28 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-11 15:24 - 2014-05-28 11:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 15:24 - 2014-05-28 09:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 15:24 - 2014-05-28 09:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 15:24 - 2014-05-28 09:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 15:24 - 2014-05-28 09:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 15:24 - 2014-05-28 09:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 15:24 - 2014-05-28 09:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 15:24 - 2014-05-28 09:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-11 15:24 - 2014-05-28 09:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 15:24 - 2014-05-28 09:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 15:24 - 2014-05-28 09:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-11 15:24 - 2014-05-28 09:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 15:24 - 2014-05-28 09:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 15:24 - 2014-05-28 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 15:24 - 2014-05-28 09:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-11 15:24 - 2014-05-28 09:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-11 15:24 - 2014-05-28 09:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 15:24 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 15:24 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 15:24 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 15:24 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 15:24 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 15:24 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 15:24 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 15:24 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 15:24 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 15:24 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 15:24 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 15:24 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 15:24 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 15:24 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 15:24 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
 
==================== One Month Modified Files and Folders =======
 
2014-07-05 13:19 - 2014-07-05 13:19 - 00019255 _____ () C:\Users\HP\Downloads\FRST.txt
2014-07-05 13:19 - 2014-07-05 13:18 - 00000000 ____D () C:\FRST
2014-07-05 13:18 - 2014-07-05 13:18 - 02084352 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2014-07-05 13:14 - 2014-07-05 13:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 13:13 - 2009-07-13 21:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:13 - 2009-07-13 21:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:12 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-05 13:11 - 2014-04-29 00:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-05 13:09 - 2012-07-25 12:15 - 01803505 ____N () C:\Windows\WindowsUpdate.log
2014-07-05 13:06 - 2013-02-28 11:44 - 00000000 ____D () C:\Users\HP\AppData\Local\HTC MediaHub
2014-07-05 13:06 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 13:05 - 2014-07-05 13:05 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:05 - 2014-07-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 13:04 - 2014-07-05 13:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 13:01 - 2014-07-05 13:01 - 00321848 _____ (Malwarebytes Corporation) C:\Users\HP\Downloads\mbam-clean-2.1.1.1001.exe
2014-07-05 12:50 - 2012-07-25 14:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 12:49 - 2014-05-14 22:48 - 00000280 _____ () C:\Windows\Tasks\MySearchDial.job
2014-07-05 12:41 - 2014-07-05 12:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-05 12:38 - 2012-07-25 12:16 - 00000000 ____D () C:\Users\HP
2014-07-05 12:35 - 2014-07-05 12:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 12:32 - 2012-07-25 22:33 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 12:29 - 2014-05-08 19:25 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-07-05 11:58 - 2014-03-09 21:21 - 00000000 ____D () C:\Users\HP\AppData\Local\Battle.net
2014-06-26 10:34 - 2014-06-27 14:36 - 00464160 _____ (Sendori) C:\Windows\system32\Sendori64.dll
2014-06-25 19:27 - 2014-03-09 21:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-22 21:28 - 2014-06-22 21:28 - 697332780 _____ () C:\Users\HP\Downloads\MY FAVORITE PAWG IN LEGGINGS EVER!.mp4
2014-06-22 11:36 - 2014-06-22 11:36 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
2014-06-20 12:09 - 2014-06-20 12:09 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-20 12:07 - 2014-06-20 12:07 - 00000000 ____D () C:\ProgramData\374311380
2014-06-20 12:07 - 2013-01-22 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 12:06 - 2014-06-20 12:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-20 12:05 - 2014-06-20 12:05 - 00003120 _____ () C:\Windows\System32\Tasks\{D0DAF671-2131-436B-9814-AC88968BB3A4}
2014-06-20 12:04 - 2014-06-20 12:04 - 00000000 ____D () C:\Users\HP\AppData\Local\globalUpdate
2014-06-20 12:04 - 2014-06-20 12:04 - 00000000 ____D () C:\Users\HP\AppData\Local\com
2014-06-20 12:04 - 2013-12-04 23:33 - 00000000 _____ () C:\END
2014-06-20 12:04 - 2012-07-25 13:33 - 00000000 ____D () C:\ProgramData\Temp
2014-06-20 12:03 - 2014-06-20 12:03 - 01390920 _____ () C:\Users\HP\Downloads\Setup.exe
2014-06-20 12:03 - 2014-06-20 12:03 - 01390920 _____ () C:\Users\HP\Downloads\Setup (1).exe
2014-06-20 07:01 - 2014-06-20 07:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c9028ba18b0.job
2014-06-18 15:12 - 2014-05-05 12:46 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-06-17 22:18 - 2014-06-17 22:18 - 00000003 _____ () C:\Users\HP\AppData\Local\proxy.log
2014-06-17 22:18 - 2012-09-27 00:24 - 00000000 ____D () C:\temp
2014-06-17 22:18 - 2009-07-13 22:08 - 00032570 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-13 08:53 - 2014-06-01 15:32 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 22:34 - 2014-06-12 22:34 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Oracle
2014-06-12 22:33 - 2014-06-12 22:33 - 00005499 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-12 22:33 - 2014-06-12 22:33 - 00000000 ____D () C:\Windows\Sun
2014-06-12 22:33 - 2014-06-12 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-12 22:33 - 2013-12-04 23:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-12 22:33 - 2013-03-27 21:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-12 22:28 - 2012-07-25 14:01 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 22:28 - 2012-07-25 14:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 22:28 - 2012-07-25 14:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 22:19 - 2014-06-12 22:19 - 00284224 _____ (Mozilla) C:\Users\HP\Downloads\Firefox Setup Stub 30.0.exe
2014-06-12 03:02 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:01 - 2012-07-25 12:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-28 00:20
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by HP at 2014-07-05 13:20:09
Running from C:\Users\HP\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MAGIX Goya burnR (MSI) (Version: 4.3.1.6 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (Version: 19.0.0.29 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Rock Drums (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
 
==================== Restore Points  =========================
 
23-06-2014 18:40:41 Windows Update
28-06-2014 05:55:14 Windows Update
02-07-2014 05:37:34 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 19:34 - 2014-05-05 12:46 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.221.22.25 epjpfmkiegfpfhiaohimeiamofnpdkgj
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0C95CDC0-D893-42BF-A928-48E062EC2D07} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {0FB88ED8-705F-4AAD-B8E8-4796D1AA6C7B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {12F6A12A-76BD-42CB-B041-2A16A1CBAA74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {14B3278A-28FA-4B4D-B1DB-CC9410D8CB9D} - System32\Tasks\PCSpeedClean_Start => C:\Program Files (x86)\PC Speed Clean\PCSpeedClean.exe
Task: {2313F634-C8D9-48D9-941F-727B8417D50B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3CB955C6-BDC4-498A-8CB9-2AA200AD5058} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-06-01] () <==== ATTENTION
Task: {57537F23-2DCB-487C-B89C-C88C4487A02F} - System32\Tasks\Digital Sites => C:\Users\HP\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7A7E0A14-35E2-4E2B-AC63-EA3A7B3490B1} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {7B5604C1-45F0-4EAF-96DA-B2E6D3C0BA50} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {E9A6B7F0-4CD0-404C-8012-343767067579} - System32\Tasks\PCSpeedClean_Popup => C:\Program Files (x86)\PC Speed Clean\Splash.exe
Task: {ED942BBF-27AE-47FD-8977-26DB59BC51D5} - System32\Tasks\MySearchDial => C:\Users\HP\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F1B63059-C80B-4B0A-9666-AD751EB53CFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25] (Google Inc.)
Task: {FEFAAE0B-998F-438B-9D6F-B109683308FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\HP\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c9028ba18b0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\HP\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2012-07-25 13:28 - 2014-05-19 18:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-08 17:04 - 2012-10-08 17:04 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-04-25 01:13 - 2014-04-25 01:13 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe
2012-07-25 20:46 - 2012-07-31 11:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-26 19:14 - 2012-09-26 19:14 - 00168864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-26 19:11 - 2012-09-26 19:11 - 00024496 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00466256 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00043944 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2012-09-26 19:12 - 2012-09-26 19:12 - 00035776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2012-09-26 19:15 - 2012-09-26 19:15 - 00223152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2012-07-25 12:35 - 2012-04-10 21:13 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-13 08:53 - 2014-06-05 06:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 08:53 - 2014-06-05 06:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 08:53 - 2014-06-05 06:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 08:53 - 2014-06-05 06:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 08:53 - 2014-06-05 06:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/05/2014 01:14:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1724
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 01:14:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4135122001-3849731273-3069520198-1000}/">.
 
Error: (07/05/2014 01:11:44 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4135122001-3849731273-3069520198-1000}/">.
 
Error: (07/05/2014 01:08:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xa68
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 01:07:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xc10
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 00:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x388
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 00:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x2f8
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 00:55:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1168
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 00:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x338
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/05/2014 00:36:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x2538
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
 
System errors:
=============
Error: (07/05/2014 01:06:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (07/05/2014 01:06:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (07/05/2014 01:06:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: 
%%2
 
Error: (07/05/2014 01:02:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (07/05/2014 01:02:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (07/05/2014 01:02:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: 
%%2
 
Error: (07/05/2014 01:01:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (07/05/2014 00:40:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (07/05/2014 00:40:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (07/05/2014 00:39:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (07/05/2014 01:14:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd172401cf988dbc86e05eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll00625e54-0481-11e4-bb1e-446d57853d5b
 
Error: (07/05/2014 01:14:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-4135122001-3849731273-3069520198-1000}/
 
Error: (07/05/2014 01:11:44 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-4135122001-3849731273-3069520198-1000}/
 
Error: (07/05/2014 01:08:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fda6801cf988cda142f47C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll19c08202-0480-11e4-bb1e-446d57853d5b
 
Error: (07/05/2014 01:07:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc1001cf988cafdd47ebC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllef65e602-047f-11e4-bb1e-446d57853d5b
 
Error: (07/05/2014 00:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd38801cf988b8ab4e5ddC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllcc8253b7-047e-11e4-90b6-446d57853d5b
 
Error: (07/05/2014 00:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd2f801cf988b506610a2C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll92b51b7a-047e-11e4-90b6-446d57853d5b
 
Error: (07/05/2014 00:55:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd116801cf9889f24121f3C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll45456ee6-047e-11e4-90b6-446d57853d5b
 
Error: (07/05/2014 00:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd33801cf9889349275f7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll73b4b8e2-047c-11e4-90b6-446d57853d5b
 
Error: (07/05/2014 00:36:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd253801cf98887739b823C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllba3efa41-047b-11e4-b7dc-446d57853d5b
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 17%
Total physical RAM: 10197.41 MB
Available physical RAM: 8407.24 MB
Total Pagefile: 20393 MB
Available Pagefile: 18415.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (Boot) (Fixed) (Total:119.02 GB) (Free:15.4 GB) NTFS
Drive d: (Data) (Fixed) (Total:1862.89 GB) (Free:1813.16 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119 GB) (Disk ID: 51433B80)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 

 

Any help is greatly appreciated!! Thanks for your time  :D

CheckResults.txt


Hi:
 
Preliminary review of your logs shows some abnormalities suggestive of possible infection.
 
As such, you might want to take advantage of the free, one-on-one assistance of our malware experts.
So, for expert assistance, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will assist you with looking into your issue and with getting MBAM up and running.

Since you have already run FRST, you just need to start a new topic over in the malware removal section >>here<< and include these same logs, as ATTACHMENTS, in your new post.

Thanks,


uhmmm,  when you say <<It won't even begin scanning before it says that the program has stopped working.>>

 

are you seeing any message like the screen captures shown here  What to do: Runtime error - database stuck on 2014.03.04 - program stopped

 

Let me know.


Not exactly like those screen captures... It says..

 

Malwarebytes Anti-Malware has stopped working

Windows can check online for a solution to the problem.

--->Check online for a solution and close the program

--->Close the program

 

This happens after I either click scan (before it scans anything, not mid-scan) or even when I try to update it...When I click update now, same thing happens.

 

Also, I will go ahead and post in the forum that daledoc1 suggested. Thanks for the replies


Please go forward and do these next steps.

 

Step 1

Save the attached file Fixlist.txt to the same location where you have FRST.exe ---- the Desktop

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite an existing one please allow)

Run FRST again but this time press the "Fix" button just once and wait.

When finished, it will make a log (fixlog.txt) next to FRST.
Please attach the Fixlog.txt  into a reply.

 

Step 2

Close any open work documents, if any, saving your work.
Make sure to close any other programs that you started before.

Please download Junkware Removal Tool by Thisisu to your Desktop
http://thisisudax.org/downloads/JRT.exe

Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7 or 8, right-mouse click JRT.exe and select Run as administrator.
The tool will open and display information and disclaimer in a Command prompt window.

I'd suggest you close all internet browsers at this point.

 Press a key on keyboard to start scanning your system.

Please be very patient as this will take several minutes to complete, depending on your system's specifications.
There are approximately 12 phases or so in this tool.  You will see each phase listed in the Command prompt window.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.  And the command prompt will have been closed.

Please attach JRT.txt into a new reply.

 

 

Step 3

Please download **AdwCleaner** and save it to your desktop.
http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner

Now Close all browsers, all open apps.

Run **AdwCleaner** and click on "scan"
After the scan has completed I want you to click on "clean"
Once done it will ask to reboot, allow the reboot
On reboot a log will be produced, please attach the log to your next reply

Fixlist.txt


Hello Makaveli.

 

Very worthwhile runs. The FRST fix took care of an unwanted restriction on Google Chrome. And the other two tools removed unwanted addon-crud.

 

Please do this next:

Please do a Threat & Rootkit Scan:
Start the Anti-Malware program.

Click the Settings icon ( on the top bar) > then click **Detection and Protection** subtab, Detection Options, tick the box 'Scan for rootkits'.
Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
A Threat Scan will begin.

With _some infections_, you may see this message box.
'Could not load DDA driver'
Click 'Yes' to this message, to allow the driver to load after a restart.

Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click Apply Actions.
Wait for the prompt to restart the computer to appear, then click on Yes.

After the scan has completed, Click on the **History tab** > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click **'Copy to Clipboard'**
Paste the contents of the clipboard into your reply.
 


Hello. I did recognize a few of those addon names that the programs found and removed. I thought they had previously been deleted from the PC but I guess not!

 

I ran the rootkits scan and it came up clean. Here are the results...

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/7/2014
Scan Time: 7:28:40 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.07.04
Rootkit Database: v2014.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: HP
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279755
Time Elapsed: 2 min, 51 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
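A triage pass over a scan log in the layout posted above, as an added example that is not part of the original thread and not Malwarebytes' own code. The sample log is constructed (its one Files detection is invented), and the checks in `triage` are assumptions about what a helper reads first in such a log.

```python
import re

# Constructed sample in the layout of the Malwarebytes Anti-Malware 2.x log above.
SAMPLE_LOG = """\
Scan Type: Threat Scan
Result: Completed
Malware Protection: Disabled
Self-protection: Disabled
Rootkits: Enabled
Processes: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Files: 1
(constructed detection entry placeholder)
Physical Sectors: 0
(No malicious items detected)
(end)
"""

DETECTION_SECTIONS = {"Processes", "Modules", "Registry Keys", "Registry Values",
                      "Registry Data", "Folders", "Files", "Physical Sectors"}
FIELD = re.compile(r"^([A-Za-z][A-Za-z \-]*?):[ \t]*(.*)$")

def parse_scan_log(text):
    """Split the log into settings (key -> value) and per-section detection counts."""
    settings, counts = {}, {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue  # detail lines, "(end)" and blanks carry no "Key: value" pair
        key, value = m.group(1), m.group(2).strip()
        if key in DETECTION_SECTIONS and value.isdigit():
            counts[key] = int(value)
        else:
            settings[key] = value
    return settings, counts

def triage(text):
    """Return the points a reviewer should look at before calling the log clean."""
    settings, counts = parse_scan_log(text)
    findings = []
    if settings.get("Result") != "Completed":
        findings.append("scan did not complete")
    if settings.get("Rootkits") != "Enabled":
        findings.append("rootkit scanning was not enabled")
    for key in ("Malware Protection", "Malicious Website Protection", "Self-protection"):
        if settings.get(key) == "Disabled":
            findings.append(f"{key} is disabled")
    findings += [f"{n} detection(s) in {s}" for s, n in counts.items() if n]
    return findings
```
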

This last run is all fine. I do suggest that you get the Premium License so that you can have realtime protection going forward.

 

Do this online scan for viruses and pests (free):

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
http://www.bleepingcomputer.com/forums/index.php?showtopic=114351
Do NOT turn off the firewall

Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com

and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.

Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the "I accept" & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.
The log report will show in your text editor. Save the log.
Then attach the log with your next reply.

When all done, Re-Enable your antivirus program.

 

 

Step 2
Save and close any work documents, close any apps that you started.

Download the Microsoft® Windows® Malicious Software Removal Tool from the Microsoft Download Center
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
It is suggested that you rename mrt.exe to some other name, such as Omega.exe, then run it.

After a run of MSRT has finished, you will find the log at C:\WINDOWS\Debug\mrt.log or C:\WINNT\Debug\mrt.log
The file may be opened and viewed with Notepad or similar text editor.

For 64-bit Windows systems:
If and only if your system is Windows 7 x64, Vista x64, Windows XP x64 or Windows 2008/2003 x64:
Get Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64
http://www.microsoft.com/downloads/details.aspx?familyid=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Additional information on the Microsoft® Windows® Malicious Software Removal Tool is here: http://support.microsoft.com/?kbid=890830

If no infections were found, you will see in your log

Results Summary:
----------------
No infection found.



Step 3
Download and Save McAfee Stinger to your Desktop
http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Close all browsers before starting. Disable your antivirus program and anti-malware, if any.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
On Windows 7 & Vista systems, Right Click stinger-icon.gif and select Run as Administrator.
On XP, double-click to start it.

The GUI interface will look like this
stinger2.png

The C drive is the default for scanning.
Press the Preferences button.  In the top right-block "On virus detection", click Report only
In the bottom block "Heuristic network check for suspicious files" select High

Click the Scan Now button.
When done, use the File menu and select Save report to file
Stinger.txt is the log report and will be saved to your Desktop.  I will need a copy of that log.

Stinger is a standalone utility used to detect and remove specific malware. It is not a full scan for all types of malware or viruses.
It is not intended as virus protection.
 

 


Hello,

 

The Adobe Reader on this system is version 10, now long since obsolete, and is a security risk.

Older versions of Adobe Reader pose a potential security risk.
De-install your Adobe Reader: Use Control Panel's Add-or-Remove Programs, Un-install Adobe "Reader".

 

Then do either of (a) or (b)

(a)

Consider getting an alternate tool like Sumatra PDF as mentioned by Corrine on her Security Garden blog.
http://securitygarden.blogspot.com/2013/02/replacing-adobe-reader-with-sumatra-pdf.html
 

OR  (b)

Get latest Adobe Reader version
http://get.adobe.com/reader/
Be sure to un-check the box for "Free McAfee Security Scan" or any "toolbar" (if offered)
 

You may now delete these tools & items:

FRST64.exe

mbam-check.exe

Fixlist.txt

Fixlog.txt

FRST.txt

Addition.txt

JRT.exe

Stinger.exe

 

 

To remove AdwCleaner:
Double click on AdwCleaner.exe to run the tool.
Click on Uninstall
Confirm with yes

 

You should get the Premium license for the Anti-Malware so that your pc gets benefits of realtime protections.

 

Your pc is good to go. Please let me know if you have any questions or need further assistance.


Alrighty everything is taken care of. I truly appreciate all of the time you took to help me out here. I probably will go ahead and get the premium license...I looked into it and it's a lot more affordable than I expected. Better safe than sorry!

 

Thanks again man, you're the best!  :D


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.