Jump to content

MBAM freezing when finishing a scan


Recommended Posts

My brother said his computer has been giving weird proformence spikes, so I decided to try and run MBAM to see if its something icky like a virus or w/e and it freezes on the last part the scan. Like, I've given it approx 48 hours to finish yet it still doesn't, so that makes me think its something a little more nasty

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Tony (administrator) on 1D4EVR on 20-07-2014 14:30:15
Running from C:\Users\Tony\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Scarlet.Crush Productions) C:\XInput-Wrapper-SCP-2.2.1.88\ScpServer\bin\ScpService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\System32\dmwu.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASUSQuickGesture(x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-10] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-15] (Valve Corporation)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [{A1264D7F-CEF6-4033-8F9D-3E27392E3627}] => "C:\Users\Tony\Downloads\Terraria v1.2.0.2 cracked-KEBAB Full Installer\setup.exe" /cmdloc "HKCU\Sof (the data entry has 59 more characters).
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [TBHostSupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\TBHostSupport\TBHostSupport.dll",DLL (the data entry has 23 more characters). <===== ATTENTION
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\Run: [APISupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\Conduit\APISupport\APISupport.dll",D (the data entry has 16 more characters). <===== ATTENTION
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2014-01-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: D - D:\AutoRun.exe "Start.htm"
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: {1d4bf47a-d61d-11e3-9c7a-08606e0243df} - E:\TL-BootStrap.exe
HKU\S-1-5-21-3989734936-3346916331-944819991-1000\...\MountPoints2: {44e31dbe-22e0-11e3-8b2b-08606e0243df} - F:\setup.exe
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-15] (Valve Corporation)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [{A1264D7F-CEF6-4033-8F9D-3E27392E3627}] => "C:\Users\Tony\Downloads\Terraria v1.2.0.2 cracked-KEBAB Full Installer\setup.exe" /cmdloc "HKCU\Sof (the data entry has 59 more characters).
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBHostSupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\TBHostSupport\TBHostSupport.dll",DLL (the data entry has 23 more characters). <===== ATTENTION
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [APISupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tony\AppData\Local\Conduit\APISupport\APISupport.dll",D (the data entry has 16 more characters). <===== ATTENTION
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2014-01-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: D - D:\AutoRun.exe "Start.htm"
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1d4bf47a-d61d-11e3-9c7a-08606e0243df} - E:\TL-BootStrap.exe
HKU\S-1-5-21-3989734936-3346916331-944819991-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {44e31dbe-22e0-11e3-8b2b-08606e0243df} - F:\setup.exe
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3314312&octid=CT3314312&SearchSource=61&CUI=UN40910556301108517&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x981BE34CF6ACCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM-x32 - DefaultScope {87039B55-C160-4C4C-BE53-9ABC9A3C101E} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {87039B55-C160-4C4C-BE53-9ABC9A3C101E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314312&CUI=UN40910556301108517&UM=2
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF ProfilePath: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\searchplugins\MyStart Search.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-05-24]
FF Extension: Adblock Plus - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-24]
FF Extension: Greasemonkey - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\npbdix7w.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-09]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314312&SearchSource=48&CUI=UN37402386449835186&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV=&SAT=SCH
CHR NewTab: "chrome-extension://eibleipkbineaadpnemmalkahodjhdbd/Search/NewTabPages/html/new_tab.html"
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchURL: http:\/\/search.conduit.com\/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN37402386449835186&ctid=CT3314312&UM=2&UP=SPC7C336F4-D905-41B3-9645-0BA7BAA9BB4E&SSPV=&SAT=GLO
CHR DefaultNewTabURL: https://search.conduit.com/?gd=&ctid=CT3314312&octid=CT3314312&ISID=ISID_ID&SearchSource=15&CUI=UN37402386449835186&SSPV=&lay=3&p=cnts&UM=2&SAT=CNTS
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-09]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-09]
CHR Extension: (SweetPacks A5) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd [2013-10-13]
CHR Extension: (WordOv) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh [2013-10-13]
CHR Extension: (RealDownloader) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-09]
CHR Extension: (Google Wallet) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-09]
CHR Extension: (Extutil) - C:\Users\Tony\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-02-01]
CHR Extension: (Managera) - C:\Users\Tony\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-02-01]
CHR HKCU\...\Chrome\Extension: [eibleipkbineaadpnemmalkahodjhdbd] - C:\Users\Tony\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [eibleipkbineaadpnemmalkahodjhdbd] - C:\Users\Tony\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 Ds3Service; C:\XInput-Wrapper-SCP-2.2.1.88\ScpServer\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1761584 2013-09-17] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2014-02-16] (http://libusb-win32.sourceforge.net)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 14:30 - 2014-07-20 14:31 - 00021495 _____ () C:\Users\Tony\Desktop\FRST.txt
2014-07-20 14:30 - 2014-07-20 14:30 - 00000000 ____D () C:\FRST
2014-07-20 14:25 - 2014-07-20 14:25 - 02089984 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2014-07-20 14:25 - 2014-07-20 14:25 - 00017906 _____ () C:\Users\Tony\Desktop\W8T1o6Kd.htm
2014-07-20 13:42 - 2014-07-20 13:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tony\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-18 17:37 - 2014-07-18 17:39 - 00000000 ____D () C:\Users\Tony\Desktop\games 'n' stuff
2014-07-17 19:45 - 2014-07-17 19:49 - 698992994 _____ () C:\Users\Tony\Downloads\Otaku's Dream Mix 1.zip
2014-07-17 17:19 - 2014-07-20 13:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-17 17:19 - 2014-07-20 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-17 17:19 - 2014-07-20 13:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-17 17:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-17 17:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-17 12:46 - 2014-07-17 12:46 - 00018370 _____ () C:\Users\Tony\Downloads\User.ini
2014-07-13 22:46 - 2014-07-13 22:48 - 00000000 ____D () C:\Users\Tony\Documents\GTA San Andreas User Files
2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-07-10 10:28 - 2014-07-10 10:28 - 00000000 ____D () C:\Users\Tony\Documents\streumon
2014-07-08 18:27 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-08 18:27 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-08 18:27 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-08 18:27 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-08 18:27 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 18:27 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-08 18:27 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-08 18:27 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-08 18:27 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-08 18:27 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-08 18:27 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-08 18:27 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-08 18:27 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-08 18:27 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-08 18:27 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-08 18:27 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-08 18:27 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-08 18:27 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 18:27 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-08 18:27 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 18:27 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-08 18:27 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-08 18:27 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-08 18:27 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-08 18:27 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-08 18:27 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-08 18:27 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-08 18:27 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-08 18:27 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-08 18:27 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-08 18:27 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-08 18:27 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-08 18:27 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-08 18:27 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-08 18:27 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-08 18:27 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-08 18:27 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-08 18:27 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-08 18:27 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-08 18:27 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-08 18:27 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-08 18:27 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-08 18:27 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-08 18:27 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-08 18:27 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-08 18:27 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-08 18:27 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-08 18:27 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-08 18:27 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-08 18:27 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-08 18:27 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-08 18:27 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-08 18:27 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-08 18:27 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-08 18:27 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-08 18:27 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-08 18:24 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-08 18:24 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-08 18:24 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-08 18:24 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-08 18:24 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-08 18:24 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-08 18:24 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-08 18:24 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-08 18:24 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-08 18:24 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 18:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-08 18:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-08 18:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-30 20:02 - 2014-06-30 20:02 - 00000000 ____D () C:\Users\Tony\Documents\Tribute Games
2014-06-26 16:48 - 2014-06-26 16:48 - 00279968 _____ () C:\Windows\Minidump\062614-22588-01.dmp
2014-06-20 20:40 - 2014-07-12 17:29 - 00000000 ____D () C:\Users\Tony\AppData\Local\nuclearthrone

==================== One Month Modified Files and Folders =======

2014-07-20 14:31 - 2014-07-20 14:30 - 00021495 _____ () C:\Users\Tony\Desktop\FRST.txt
2014-07-20 14:30 - 2014-07-20 14:30 - 00000000 ____D () C:\FRST
2014-07-20 14:26 - 2013-09-05 17:56 - 01890039 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 14:25 - 2014-07-20 14:25 - 02089984 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2014-07-20 14:25 - 2014-07-20 14:25 - 00017906 _____ () C:\Users\Tony\Desktop\W8T1o6Kd.htm
2014-07-20 13:45 - 2014-07-17 17:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 13:43 - 2014-07-17 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 13:43 - 2014-07-17 17:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 13:43 - 2014-01-12 13:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 13:42 - 2014-07-20 13:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tony\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 13:35 - 2013-09-09 08:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 13:06 - 2013-09-08 20:32 - 00128071 _____ () C:\Windows\setupact.log
2014-07-20 12:40 - 2013-10-20 12:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 12:40 - 2013-09-29 10:31 - 00000000 ____D () C:\Users\Tony\Documents\My Games
2014-07-20 09:35 - 2013-09-09 08:49 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 17:39 - 2014-07-18 17:37 - 00000000 ____D () C:\Users\Tony\Desktop\games 'n' stuff
2014-07-18 14:55 - 2013-10-25 17:32 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\foobar2000
2014-07-18 13:59 - 2013-09-09 08:50 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 03:00 - 2013-10-13 19:59 - 00000000 ____D () C:\ProgramData\Skype
2014-07-17 19:49 - 2014-07-17 19:45 - 698992994 _____ () C:\Users\Tony\Downloads\Otaku's Dream Mix 1.zip
2014-07-17 19:35 - 2014-03-31 20:26 - 00000000 ____D () C:\Users\Tony\Desktop\Stepmania 3.95
2014-07-17 18:41 - 2013-10-13 20:01 - 00000000 ____D () C:\Users\Tony\AppData\Local\WordOv
2014-07-17 18:41 - 2013-10-13 20:01 - 00000000 ____D () C:\Program Files (x86)\SweetPacks_A5
2014-07-17 17:19 - 2014-01-12 13:55 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Malwarebytes
2014-07-17 17:19 - 2014-01-12 13:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-17 17:19 - 2014-01-12 13:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-17 12:46 - 2014-07-17 12:46 - 00018370 _____ () C:\Users\Tony\Downloads\User.ini
2014-07-16 12:44 - 2013-09-09 08:50 - 00003334 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3989734936-3346916331-944819991-1000
2014-07-16 12:44 - 2013-09-09 08:50 - 00003198 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3989734936-3346916331-944819991-1000
2014-07-13 22:48 - 2014-07-13 22:46 - 00000000 ____D () C:\Users\Tony\Documents\GTA San Andreas User Files
2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-07-13 22:35 - 2014-07-13 22:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-07-13 22:35 - 2013-09-08 20:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-12 17:29 - 2014-06-20 20:40 - 00000000 ____D () C:\Users\Tony\AppData\Local\nuclearthrone
2014-07-11 03:18 - 2009-07-14 00:45 - 00020416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 03:18 - 2009-07-14 00:45 - 00020416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-10 10:37 - 2013-09-09 18:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-10 10:37 - 2013-09-09 18:46 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-07-10 10:28 - 2014-07-10 10:28 - 00000000 ____D () C:\Users\Tony\Documents\streumon
2014-07-10 07:36 - 2013-10-13 20:01 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-09 12:52 - 2013-10-13 20:00 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Skype
2014-07-09 12:48 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 12:43 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 12:43 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 12:41 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 12:41 - 2009-07-14 03:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 12:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 12:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 08:24 - 2013-09-09 19:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 08:22 - 2013-09-09 19:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-30 20:02 - 2014-06-30 20:02 - 00000000 ____D () C:\Users\Tony\Documents\Tribute Games
2014-06-30 20:02 - 2013-10-31 14:02 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-06-30 20:02 - 2013-10-31 14:02 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-06-29 22:09 - 2014-07-08 18:24 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-08 18:24 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 16:28 - 2014-06-01 21:07 - 00000000 ____D () C:\Users\Tony\Documents\My Kindle Content
2014-06-26 16:48 - 2014-06-26 16:48 - 00279968 _____ () C:\Windows\Minidump\062614-22588-01.dmp
2014-06-26 16:48 - 2013-12-03 16:32 - 00000000 ____D () C:\Windows\Minidump
2014-06-26 16:47 - 2013-12-03 16:32 - 511476772 _____ () C:\Windows\MEMORY.DMP
2014-06-26 16:47 - 2013-09-08 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:49 - 2013-09-09 18:56 - 00117001 _____ () C:\Windows\DirectX.log
2014-06-20 16:14 - 2014-07-08 18:27 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 15:39 - 2014-07-08 18:27 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Tony\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Tony\AppData\Local\Temp\Core.dll
C:\Users\Tony\AppData\Local\Temp\ICReinstall_Audacity_setup.exe
C:\Users\Tony\AppData\Local\Temp\ICReinstall_BitlordSetup.exe
C:\Users\Tony\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Tony\AppData\Local\Temp\nsj78F5.exe
C:\Users\Tony\AppData\Local\Temp\nso6EB5.exe
C:\Users\Tony\AppData\Local\Temp\nstC03E.exe
C:\Users\Tony\AppData\Local\Temp\nsy1B7A.exe
C:\Users\Tony\AppData\Local\Temp\nsy41DB.exe
C:\Users\Tony\AppData\Local\Temp\nsy4A66.exe
C:\Users\Tony\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Tony\AppData\Local\Temp\Setup.exe
C:\Users\Tony\AppData\Local\Temp\Shortcut_IMsetup.exe
C:\Users\Tony\AppData\Local\Temp\SPSetup.exe
C:\Users\Tony\AppData\Local\Temp\SPStub.exe
C:\Users\Tony\AppData\Local\Temp\SweetIMInstallValidator.exe
C:\Users\Tony\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tony\AppData\Local\Temp\Window.dll
C:\Users\Tony\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 06:55

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by Tony at 2014-07-20 14:31:41
Running from C:\Users\Tony\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

1001 Spikes (HKLM-x32\...\Steam App 260790) (Version:  - Nicalis, Inc.)
140 (HKLM-x32\...\Steam App 242820) (Version:  - Carlsen Games)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Audiosurf 2 - Beta (HKLM-x32\...\{DDA55E82-39A4-4692-999D-4B2A363241CE}_is1) (Version:  - )
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
calibre (HKLM-x32\...\{8C31E86B-2A66-40E8-BF47-32A25D65DB12}) (Version: 1.15.0 - Kovid Goyal)
Cargo Commander (HKLM-x32\...\Steam App 220460) (Version:  - Serious Brew)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - Nicalis)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version:  - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Drunken Robot Pornography 1.0 (HKLM-x32\...\Drunken Robot Pornography 1.0) (Version: 1.0 - Cat-A-Cat)
DuckTales Remastered (HKLM-x32\...\RHVja1RhbGVzUmVtYXN0ZXJlZA==_is1) (Version: 1 - )
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - Streum On Studio)
Electronic Super Joy (HKLM-x32\...\Steam App 244870) (Version:  - Michael Todd Games)
Element4l (HKLM-x32\...\Steam App 235820) (Version:  - I-Illusions)
foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)
FTL version 1.03.3 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.3 - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{E0303B6A-C675-4102-95DA-C013625BFA99}) (Version: 1.00.00001 - Rockstar Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hotline Miami (HKLM-x32\...\GOGPACKHOTLINEMIAMI_is1) (Version: 2.0.0.4 - GOG.com)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 4.0.7.6 - ) <==== ATTENTION
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3257 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - Final Form Games)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Lone Survivor: The Director's Cut (HKLM-x32\...\Steam App 209830) (Version:  - Jasper Byrne)
Magicite (HKLM-x32\...\Steam App 268750) (Version:  - SmashGames)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version:  - Tribute Games Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.3 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.3 - MPC-HC Team)
Mutant Mudds Deluxe (HKLM-x32\...\Steam App 247370) (Version:  - Renegade Kid)
My Game Long Name (HKLM\...\UDK-8db7e1ad-85d8-4840-a57b-1d93719367e6) (Version:  - Epic Games, Inc.)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Nuclear Throne (HKLM-x32\...\Steam App 242680) (Version:  - Vlambeer)
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Painkiller Black Edition version 0.0.0.9 (HKLM-x32\...\Painkiller Black Edition_is1) (Version: 0.0.0.9 - WaLMaRT)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Quake Live (HKLM-x32\...\Quake Live) (Version:  - id Software)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Scoregasm (HKLM-x32\...\Steam App 202410) (Version:  - RC Knight)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.13.48 - Client Connect LTD) <==== ATTENTION
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version:  - )
Shelter (HKLM-x32\...\Steam App 244710) (Version:  - Might and Delight)
Skullgirls (HKLM-x32\...\Skullgirls_is1) (Version:  - )
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StepMania v5.0 beta 2a (remove only) (HKLM-x32\...\StepMania 5) (Version:  - StepMania Team)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - Megadev)
Super House of Dead Ninjas v0.8.7 incl. True Ninja Pack (HKLM-x32\...\U3VwZXJIb3VzZW9mRGVhZE5pbmphc3YwODdpbmNsVHJ1ZU5p~01254CA9_is1) (Version: 1 - )
SweetPacks A5 Toolbar for IE (HKLM-x32\...\IECT3314312) (Version: 6.17.0.33 - SweetPacks A5) <==== ATTENTION
Terraria v1.2.0.2 cracked-KEBAB (HKLM-x32\...\{A1264D7F-CEF6-4033-8F9D-3E27392E3627}) (Version: 1.2.0.2 - KEBAB)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
USB GamePad (HKLM-x32\...\{B8CDAD75-96FB-48A5-A2AE-6515DDEB7BFA}) (Version: 3.85 - My Company Name)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinImage (HKLM-x32\...\WinImage) (Version:  - )
WordOv (HKCU\...\WordOv) (Version: 3 - wordoverview.com)

==================== Restore Points  =========================

17-07-2014 07:00:10 Windows Update
18-07-2014 07:00:11 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {015BF913-CFBA-4200-BF73-051B1B718E47} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {41AEAF5C-E25F-4C1C-A6D9-86CDA70D8881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09] (Google Inc.)
Task: {51D423BB-AEA0-44FF-AA91-39D5D8BBAC8B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {89738C1F-1E83-43A5-A053-11889FD45E29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09] (Google Inc.)
Task: {D592A8DB-C898-4E56-8264-45A80FF25C88} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3989734936-3346916331-944819991-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D7C9A2BF-7082-42FA-90BF-19E44F936281} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3989734936-3346916331-944819991-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EF693A16-35A3-476D-87B1-28F7D54F9D54} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-13 20:00 - 2013-09-17 13:25 - 01761584 _____ () C:\Windows\system32\dmwu.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 13:25 - 2013-09-17 13:25 - 00415024 ____N () C:\Windows\SysWOW64\jmdp\stij.exe
2013-09-17 13:25 - 2013-09-17 13:25 - 00473392 _____ () C:\Windows\System32\ljkb\stij.exe
2013-09-17 13:25 - 2013-09-17 13:25 - 01321472 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-09-17 13:23 - 2013-09-17 13:23 - 01062912 ____N () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-05-24 09:32 - 2014-07-11 20:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 10:06 - 2014-07-11 20:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-24 09:32 - 2014-07-11 20:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-10 16:46 - 2014-07-11 20:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-08-21 14:18 - 2014-06-26 18:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-24 09:32 - 2014-07-15 22:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-24 09:32 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-10-08 18:19 - 2014-07-15 22:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-10 14:20 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-18 08:42 - 2014-06-18 08:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-05 17:37 - 2014-01-05 17:37 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2014 08:00:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Faulting module name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Exception code: 0xc0000005
Fault offset: 0x00000000002421b2
Faulting process id: 0x186d74
Faulting application start time: 0xmpc-hc64.exe0
Faulting application path: mpc-hc64.exe1
Faulting module path: mpc-hc64.exe2
Report Id: mpc-hc64.exe3

Error: (07/18/2014 03:01:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/18/2014 03:00:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (07/17/2014 11:54:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/17/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/16/2014 07:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Faulting module name: mpc-hc64.exe, version: 1.7.3.0, time stamp: 0x52ee6a9e
Exception code: 0xc0000005
Fault offset: 0x000000000019f6d3
Faulting process id: 0x8207c
Faulting application start time: 0xmpc-hc64.exe0
Faulting application path: mpc-hc64.exe1
Faulting module path: mpc-hc64.exe2
Report Id: mpc-hc64.exe3

Error: (07/15/2014 05:01:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/15/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/12/2014 06:24:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (07/12/2014 02:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (07/20/2014 01:30:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.

Error: (07/18/2014 04:31:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (07/18/2014 04:31:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/18/2014 03:01:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/17/2014 03:01:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/15/2014 08:22:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (07/15/2014 08:22:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/15/2014 03:01:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (07/13/2014 01:33:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/12/2014 06:25:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).


Microsoft Office Sessions:
=========================
Error: (07/20/2014 08:00:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mpc-hc64.exe1.7.3.052ee6a9empc-hc64.exe1.7.3.052ee6a9ec000000500000000002421b2186d7401cfa354ccfca87bC:\Program Files\MPC-HC\mpc-hc64.exeC:\Program Files\MPC-HC\mpc-hc64.exe7f575593-1005-11e4-89b7-08606e0243df

Error: (07/18/2014 03:01:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2014 03:00:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (07/17/2014 11:54:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Tony\Downloads\vcredist_arm.exe

Error: (07/17/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/16/2014 07:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mpc-hc64.exe1.7.3.052ee6a9empc-hc64.exe1.7.3.052ee6a9ec0000005000000000019f6d38207c01cfa08a8ddaff5fC:\Program Files\MPC-HC\mpc-hc64.exeC:\Program Files\MPC-HC\mpc-hc64.exe8c905180-0cdb-11e4-89b7-08606e0243df

Error: (07/15/2014 05:01:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/15/2014 03:00:59 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/12/2014 06:24:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/12/2014 02:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3981.68 MB
Available physical RAM: 1450.61 MB
Total Pagefile: 7961.53 MB
Available Pagefile: 4680.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:328.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DAAD3D47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.