
Cannot start a scan on Malwarebytes


kimchi


Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
    
 
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
Rules and policies
 
We won't support any piracy.
That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.
 
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-09-2014

Ran by k4evin (administrator) on K4EVIN-PC on 06-09-2014 10:48:42

Running from C:\Users\k4evin\Downloads

Platform: Windows 7 Home Premium (X64) OS Language: English (United States)

Internet Explorer Version 8

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

BootExecute: autocheck autochk * bootdelete

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3F393AE341C9CF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

 

FireFox:

========

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M58CE9201-2694-43B4-966A-ACC10847FE27&SearchSource=55&CUI=&UM=6&UP=SPDAD72470-9ECC-434F-BD08-DE2819E9F815&SSPV=

CHR StartupUrls: Default -> "hxxp://www.google.com/"


CHR Profile: C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-05]

CHR Extension: (Google Docs) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-05]

CHR Extension: (Google Drive) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-05]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]

CHR Extension: (YouTube) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-05]

CHR Extension: (Adblock Plus) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-05]

CHR Extension: (Google Search) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-05]

CHR Extension: (Google Sheets) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-05]

CHR Extension: (Swagbucks Extension) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2014-09-05]

CHR Extension: (Google Wallet) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-05]

CHR Extension: (Gmail) - C:\Users\k4evin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-05]

CHR Extension: (Extutil) - C:\Users\k4evin\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-09-05]

CHR Extension: (Managera) - C:\Users\k4evin\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-09-05]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-06] (SurfRight B.V.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-06] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-09-06 10:48 - 2014-09-06 10:48 - 02104832 _____ (Farbar) C:\Users\k4evin\Downloads\FRST64.exe

2014-09-06 10:48 - 2014-09-06 10:48 - 01370467 _____ () C:\Users\k4evin\Downloads\AdwCleaner.exe

2014-09-06 10:48 - 2014-09-06 10:48 - 00007575 _____ () C:\Users\k4evin\Downloads\FRST.txt

2014-09-06 10:48 - 2014-09-06 10:48 - 00000000 ____D () C:\FRST

2014-09-06 09:11 - 2014-09-06 09:11 - 00262144 _____ () C:\Windows\Minidump\090614-24414-01.dmp

2014-09-06 09:10 - 2014-09-06 09:10 - 00262144 _____ () C:\Windows\Minidump\090614-24788-01.dmp

2014-09-06 09:08 - 2014-09-06 09:08 - 00262144 _____ () C:\Windows\Minidump\090614-25630-01.dmp

2014-09-06 09:00 - 2014-09-06 09:00 - 00262144 _____ () C:\Windows\Minidump\090614-22370-01.dmp

2014-09-06 08:58 - 2014-09-06 08:59 - 00262144 _____ () C:\Windows\Minidump\090614-27908-01.dmp

2014-09-06 08:39 - 2014-09-06 09:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-06 08:39 - 2014-09-06 08:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-06 08:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-06 08:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-06 08:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-06 08:38 - 2014-09-06 08:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012 (2).exe

2014-09-06 08:36 - 2014-09-06 08:36 - 00010716 _____ () C:\Windows\PFRO.log

2014-09-06 08:34 - 2014-09-06 08:34 - 00321848 _____ (Malwarebytes Corporation) C:\Users\k4evin\Downloads\mbam-clean-2.1.1.1001.exe

2014-09-06 08:25 - 2014-09-06 08:25 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe

2014-09-06 08:25 - 2014-09-06 08:25 - 00011136 _____ () C:\Windows\system32\bootdelete.lst

2014-09-06 08:20 - 2014-09-06 08:20 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-09-06 08:20 - 2014-09-06 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2014-09-06 08:20 - 2014-09-06 08:20 - 00000000 ____D () C:\Program Files\HitmanPro

2014-09-06 08:19 - 2014-09-06 08:26 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-09-06 08:19 - 2014-09-06 08:19 - 11194928 _____ (SurfRight B.V.) C:\Users\k4evin\Downloads\HitmanPro_x64.exe

2014-09-06 08:17 - 2014-09-06 08:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-09-06 08:15 - 2014-09-06 08:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Macromedia

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\LolClient

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Adobe

2014-09-05 16:34 - 2014-09-05 16:34 - 00000000 ____D () C:\ProgramData\Riot Games

2014-09-05 16:32 - 2014-09-05 16:32 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk

2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2014-09-05 16:29 - 2014-09-05 16:32 - 00000000 __SHD () C:\AI_RecycleBin

2014-09-05 16:26 - 2014-09-05 16:26 - 00262144 _____ () C:\Windows\Minidump\090514-39015-01.dmp

2014-09-05 16:20 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2014-09-05 16:20 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2014-09-05 16:20 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2014-09-05 16:20 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2014-09-05 16:20 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2014-09-05 15:27 - 2014-09-05 15:28 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-09-05 15:27 - 2014-09-05 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-05 14:40 - 2014-08-25 06:53 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-09-05 13:55 - 2014-09-05 15:19 - 00000000 ____D () C:\Users\k4evin\AppData\Local\fst_us_243

2014-09-05 13:55 - 2014-09-05 15:19 - 00000000 ____D () C:\Program Files (x86)\fst_us_243

2014-09-05 13:53 - 2014-09-05 15:19 - 00000000 ____D () C:\Program Files (x86)\Appstein

2014-09-05 13:53 - 2014-09-05 13:55 - 01264078 _____ (Foxit Corporation ) C:\Users\k4evin\Downloads\Unconfirmed 109563.crdownload

2014-09-05 13:53 - 2014-09-05 13:53 - 00000000 ____D () C:\Users\k4evin\Downloads\Windows 8.1 with Update (Pro with Media Center) (x64)

2014-09-05 13:53 - 2014-09-05 13:53 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Pay-By-Ads

2014-09-05 13:52 - 2014-09-05 15:19 - 00000000 ____D () C:\Program Files (x86)\innoApp

2014-09-05 13:52 - 2014-09-05 13:52 - 00013612 _____ () C:\Users\k4evin\Downloads\[kickass.to]windows.8.1.with.update.pro.with.media.center.x64.torrent

2014-09-05 13:50 - 2014-09-05 13:50 - 00000000 ____D () C:\Users\k4evin\AppData\Local\globalUpdate

2014-09-05 13:50 - 2014-09-05 13:50 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-09-05 13:49 - 2014-09-05 15:19 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\TornTV.com

2014-09-05 13:25 - 2014-09-05 15:19 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-05 13:25 - 2014-09-05 15:19 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-05 13:25 - 2014-09-05 13:25 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-09-05 13:23 - 2014-09-05 15:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-09-05 13:23 - 2014-09-05 13:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-09-05 13:21 - 2014-09-05 13:22 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-05 13:20 - 2014-09-05 13:20 - 00000134 _____ () C:\Users\k4evin\Desktop\Internet Explorer Troubleshooting.url

2014-09-05 13:14 - 2010-01-09 00:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll

2014-09-05 13:14 - 2010-01-08 23:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll

2014-09-05 13:13 - 2009-12-29 01:03 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-09-05 13:13 - 2009-12-28 23:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-09-05 13:08 - 2014-09-05 13:08 - 00000000 ____D () C:\Riot Games

2014-09-05 12:59 - 2014-09-05 16:32 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin

2014-09-05 12:59 - 2014-09-05 15:19 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\uTorrent

2014-09-05 12:59 - 2014-09-05 12:59 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Foxit Software

2014-09-05 12:58 - 2014-09-05 12:58 - 00000000 ____D () C:\Users\Public\Foxit Software

2014-09-05 12:58 - 2014-09-05 12:58 - 00000000 ____D () C:\Program Files (x86)\Foxit Software

2014-09-05 12:54 - 2014-09-05 12:32 - 00000000 ____D () C:\Windows\Panther

2014-09-05 12:49 - 2014-09-06 08:51 - 00000000 ____D () C:\Users\k4evin\AppData\Local\PMB Files

2014-09-05 12:49 - 2014-09-05 16:48 - 00000000 ____D () C:\ProgramData\PMB Files

2014-09-05 12:49 - 2014-09-05 16:32 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Riot Games

2014-09-05 12:49 - 2014-09-05 12:49 - 00003592 _____ () C:\Windows\System32\Tasks\{AAA539D9-405E-4179-9253-0027A376D756}

2014-09-05 12:49 - 2014-09-05 12:49 - 00000000 ____D () C:\Program Files (x86)\Pando Networks

2014-09-05 12:47 - 2012-06-02 15:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-09-05 12:47 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-09-05 12:47 - 2012-06-02 15:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-09-05 12:47 - 2012-06-02 15:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-09-05 12:47 - 2012-06-02 15:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-09-05 12:47 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-09-05 12:46 - 2014-09-06 09:51 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-05 12:46 - 2014-09-06 09:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-05 12:46 - 2014-09-05 15:19 - 00000000 ____D () C:\Program Files (x86)\GUMCBE5.tmp

2014-09-05 12:46 - 2014-09-05 15:18 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-05 12:46 - 2014-09-05 12:50 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Google

2014-09-05 12:46 - 2014-09-05 12:46 - 00057560 _____ () C:\Users\k4evin\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-05 12:46 - 2014-09-05 12:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-05 12:46 - 2014-09-05 12:46 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-05 12:45 - 2014-09-05 12:46 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Deployment

2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Apps\2.0

2014-09-05 12:43 - 2014-09-05 12:43 - 00018652 _____ () C:\Windows\system32\results.xml

2014-09-05 12:42 - 2014-09-06 09:11 - 317523409 _____ () C:\Windows\MEMORY.DMP

2014-09-05 12:42 - 2014-09-06 09:11 - 00000000 ____D () C:\Windows\Minidump

2014-09-05 12:42 - 2014-09-05 12:42 - 00262144 _____ () C:\Windows\Minidump\090514-23634-01.dmp

2014-09-05 12:39 - 2014-09-05 12:39 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Intel

2014-09-05 12:38 - 2014-09-05 12:38 - 00004216 _____ () C:\Windows\DPINST.LOG

2014-09-05 12:38 - 2014-09-05 12:38 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-09-05 12:37 - 2014-09-05 12:38 - 00000000 ____D () C:\Program Files\Common Files\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\ProgramData\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Program Files\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Intel

2014-09-05 12:36 - 2014-09-05 12:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-09-05 12:32 - 2014-09-05 14:21 - 00000000 ____D () C:\Users\k4evin

2014-09-05 12:32 - 2014-09-05 12:32 - 00001447 _____ () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-05 12:32 - 2014-09-05 12:32 - 00001413 _____ () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-05 12:32 - 2014-09-05 12:32 - 00000020 ___SH () C:\Users\k4evin\ntuser.ini

2014-09-05 12:32 - 2014-09-05 12:32 - 00000000 __SHD () C:\Recovery

2014-09-05 12:32 - 2014-09-05 12:32 - 00000000 ____D () C:\Users\k4evin\AppData\Local\VirtualStore

2014-09-05 12:32 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-05 12:32 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-05 12:00 - 2014-09-05 12:00 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2014-09-05 12:00 - 2014-09-05 12:00 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2014-09-05 11:59 - 2014-09-05 11:59 - 00001313 _____ () C:\Windows\TSSysprep.log

2014-09-05 11:58 - 2014-09-06 09:15 - 00262638 _____ () C:\Windows\WindowsUpdate.log

2014-09-01 01:18 - 2014-09-01 01:18 - 00002086 _____ () C:\Users\k4evin\AppData\Roaming\WPONFCU

2014-09-01 01:18 - 2014-09-01 01:18 - 00001248 _____ () C:\Users\k4evin\AppData\Roaming\CXCC

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-09-06 10:48 - 2014-09-06 10:48 - 02104832 _____ (Farbar) C:\Users\k4evin\Downloads\FRST64.exe

2014-09-06 10:48 - 2014-09-06 10:48 - 01370467 _____ () C:\Users\k4evin\Downloads\AdwCleaner.exe

2014-09-06 10:48 - 2014-09-06 10:48 - 00007575 _____ () C:\Users\k4evin\Downloads\FRST.txt

2014-09-06 10:48 - 2014-09-06 10:48 - 00000000 ____D () C:\FRST

2014-09-06 10:44 - 2009-07-13 21:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-06 10:44 - 2009-07-13 21:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-06 09:51 - 2014-09-05 12:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-06 09:15 - 2014-09-05 11:58 - 00262638 _____ () C:\Windows\WindowsUpdate.log

2014-09-06 09:12 - 2014-09-06 08:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-06 09:11 - 2014-09-06 09:11 - 00262144 _____ () C:\Windows\Minidump\090614-24414-01.dmp

2014-09-06 09:11 - 2014-09-05 12:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-06 09:11 - 2014-09-05 12:42 - 317523409 _____ () C:\Windows\MEMORY.DMP

2014-09-06 09:11 - 2014-09-05 12:42 - 00000000 ____D () C:\Windows\Minidump

2014-09-06 09:11 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-06 09:11 - 2009-07-13 21:51 - 00020307 _____ () C:\Windows\setupact.log

2014-09-06 09:10 - 2014-09-06 09:10 - 00262144 _____ () C:\Windows\Minidump\090614-24788-01.dmp

2014-09-06 09:08 - 2014-09-06 09:08 - 00262144 _____ () C:\Windows\Minidump\090614-25630-01.dmp

2014-09-06 09:04 - 2009-07-13 22:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-06 09:00 - 2014-09-06 09:00 - 00262144 _____ () C:\Windows\Minidump\090614-22370-01.dmp

2014-09-06 08:59 - 2014-09-06 08:58 - 00262144 _____ () C:\Windows\Minidump\090614-27908-01.dmp

2014-09-06 08:51 - 2014-09-05 12:49 - 00000000 ____D () C:\Users\k4evin\AppData\Local\PMB Files

2014-09-06 08:39 - 2014-09-06 08:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-06 08:39 - 2014-09-06 08:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-06 08:38 - 2014-09-06 08:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012 (2).exe

2014-09-06 08:36 - 2014-09-06 08:36 - 00010716 _____ () C:\Windows\PFRO.log

2014-09-06 08:34 - 2014-09-06 08:34 - 00321848 _____ (Malwarebytes Corporation) C:\Users\k4evin\Downloads\mbam-clean-2.1.1.1001.exe

2014-09-06 08:26 - 2014-09-06 08:19 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-09-06 08:25 - 2014-09-06 08:25 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe

2014-09-06 08:25 - 2014-09-06 08:25 - 00011136 _____ () C:\Windows\system32\bootdelete.lst

2014-09-06 08:20 - 2014-09-06 08:20 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-09-06 08:20 - 2014-09-06 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2014-09-06 08:20 - 2014-09-06 08:20 - 00000000 ____D () C:\Program Files\HitmanPro

2014-09-06 08:19 - 2014-09-06 08:19 - 11194928 _____ (SurfRight B.V.) C:\Users\k4evin\Downloads\HitmanPro_x64.exe

2014-09-06 08:18 - 2014-09-06 08:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-09-06 08:15 - 2014-09-06 08:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\k4evin\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Macromedia

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\LolClient

2014-09-05 18:06 - 2014-09-05 18:06 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Adobe

2014-09-05 17:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache

2014-09-05 16:48 - 2014-09-05 12:49 - 00000000 ____D () C:\ProgramData\PMB Files

2014-09-05 16:34 - 2014-09-05 16:34 - 00000000 ____D () C:\ProgramData\Riot Games

2014-09-05 16:32 - 2014-09-05 16:32 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk

2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2014-09-05 16:32 - 2014-09-05 16:29 - 00000000 __SHD () C:\AI_RecycleBin

2014-09-05 16:32 - 2014-09-05 12:59 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin

2014-09-05 16:32 - 2014-09-05 12:49 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Riot Games

2014-09-05 16:26 - 2014-09-05 16:26 - 00262144 _____ () C:\Windows\Minidump\090514-39015-01.dmp

2014-09-05 15:28 - 2014-09-05 15:27 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-09-05 15:27 - 2014-09-05 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-05 15:19 - 2014-09-05 13:55 - 00000000 ____D () C:\Users\k4evin\AppData\Local\fst_us_243

2014-09-05 15:19 - 2014-09-05 13:55 - 00000000 ____D () C:\Program Files (x86)\fst_us_243

2014-09-05 15:19 - 2014-09-05 13:53 - 00000000 ____D () C:\Program Files (x86)\Appstein

2014-09-05 15:19 - 2014-09-05 13:52 - 00000000 ____D () C:\Program Files (x86)\innoApp

2014-09-05 15:19 - 2014-09-05 13:49 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\TornTV.com

2014-09-05 15:19 - 2014-09-05 13:25 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-05 15:19 - 2014-09-05 13:25 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-05 15:19 - 2014-09-05 13:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-09-05 15:19 - 2014-09-05 12:59 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\uTorrent

2014-09-05 15:19 - 2014-09-05 12:46 - 00000000 ____D () C:\Program Files (x86)\GUMCBE5.tmp

2014-09-05 15:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\security

2014-09-05 15:19 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration

2014-09-05 15:18 - 2014-09-05 12:46 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-05 14:22 - 2009-07-13 22:08 - 00003598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-05 14:21 - 2014-09-05 12:32 - 00000000 ____D () C:\Users\k4evin

2014-09-05 13:55 - 2014-09-05 13:53 - 01264078 _____ (Foxit Corporation ) C:\Users\k4evin\Downloads\Unconfirmed 109563.crdownload

2014-09-05 13:53 - 2014-09-05 13:53 - 00000000 ____D () C:\Users\k4evin\Downloads\Windows 8.1 with Update (Pro with Media Center) (x64)

2014-09-05 13:53 - 2014-09-05 13:53 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Pay-By-Ads

2014-09-05 13:52 - 2014-09-05 13:52 - 00013612 _____ () C:\Users\k4evin\Downloads\[kickass.to]windows.8.1.with.update.pro.with.media.center.x64.torrent

2014-09-05 13:50 - 2014-09-05 13:50 - 00000000 ____D () C:\Users\k4evin\AppData\Local\globalUpdate

2014-09-05 13:50 - 2014-09-05 13:50 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-09-05 13:25 - 2014-09-05 13:25 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-09-05 13:23 - 2014-09-05 13:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-09-05 13:22 - 2014-09-05 13:21 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-05 13:20 - 2014-09-05 13:20 - 00000134 _____ () C:\Users\k4evin\Desktop\Internet Explorer Troubleshooting.url

2014-09-05 13:08 - 2014-09-05 13:08 - 00000000 ____D () C:\Riot Games

2014-09-05 12:59 - 2014-09-05 12:59 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Foxit Software

2014-09-05 12:58 - 2014-09-05 12:58 - 00000000 ____D () C:\Users\Public\Foxit Software

2014-09-05 12:58 - 2014-09-05 12:58 - 00000000 ____D () C:\Program Files (x86)\Foxit Software

2014-09-05 12:54 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG

2014-09-05 12:54 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

2014-09-05 12:50 - 2014-09-05 12:46 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Google

2014-09-05 12:49 - 2014-09-05 12:49 - 00003592 _____ () C:\Windows\System32\Tasks\{AAA539D9-405E-4179-9253-0027A376D756}

2014-09-05 12:49 - 2014-09-05 12:49 - 00000000 ____D () C:\Program Files (x86)\Pando Networks

2014-09-05 12:46 - 2014-09-05 12:46 - 00057560 _____ () C:\Users\k4evin\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-05 12:46 - 2014-09-05 12:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-05 12:46 - 2014-09-05 12:46 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-05 12:46 - 2014-09-05 12:45 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Deployment

2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Users\k4evin\AppData\Local\Apps\2.0

2014-09-05 12:43 - 2014-09-05 12:43 - 00018652 _____ () C:\Windows\system32\results.xml

2014-09-05 12:42 - 2014-09-05 12:42 - 00262144 _____ () C:\Windows\Minidump\090514-23634-01.dmp

2014-09-05 12:39 - 2014-09-05 12:39 - 00000000 ____D () C:\Users\k4evin\AppData\Roaming\Intel

2014-09-05 12:39 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Default

2014-09-05 12:38 - 2014-09-05 12:38 - 00004216 _____ () C:\Windows\DPINST.LOG

2014-09-05 12:38 - 2014-09-05 12:38 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-09-05 12:38 - 2014-09-05 12:37 - 00000000 ____D () C:\Program Files\Common Files\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\ProgramData\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Program Files\Intel

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-09-05 12:37 - 2014-09-05 12:37 - 00000000 ____D () C:\Intel

2014-09-05 12:37 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore

2014-09-05 12:36 - 2014-09-05 12:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-09-05 12:32 - 2014-09-05 12:54 - 00000000 ____D () C:\Windows\Panther

2014-09-05 12:32 - 2014-09-05 12:32 - 00001447 _____ () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-05 12:32 - 2014-09-05 12:32 - 00001413 _____ () C:\Users\k4evin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-05 12:32 - 2014-09-05 12:32 - 00000020 ___SH () C:\Users\k4evin\ntuser.ini

2014-09-05 12:32 - 2014-09-05 12:32 - 00000000 __SHD () C:\Recovery

2014-09-05 12:32 - 2014-09-05 12:32 - 00000000 ____D () C:\Users\k4evin\AppData\Local\VirtualStore

2014-09-05 12:32 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery

2014-09-05 12:02 - 2009-07-13 21:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-05 12:00 - 2014-09-05 12:00 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2014-09-05 12:00 - 2014-09-05 12:00 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2014-09-05 12:00 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-09-05 12:00 - 2009-07-13 21:46 - 00001774 _____ () C:\Windows\DtcInstall.log

2014-09-05 12:00 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-05 12:00 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep

2014-09-05 11:59 - 2014-09-05 11:59 - 00001313 _____ () C:\Windows\TSSysprep.log

2014-09-01 01:18 - 2014-09-01 01:18 - 00002086 _____ () C:\Users\k4evin\AppData\Roaming\WPONFCU

2014-09-01 01:18 - 2014-09-01 01:18 - 00001248 _____ () C:\Users\k4evin\AppData\Roaming\CXCC

2014-08-25 06:53 - 2014-09-05 14:40 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

 

Some content of TEMP:

====================

C:\Users\k4evin\AppData\Local\Temp\swt-win32-3349.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {A891C6F6-BD37-4A51-A9A2-C35E9C84FEB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-05] (Google Inc.)

Task: {E3DEDB44-E4AA-46CA-8106-1B8DC2A831E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-05] (Google Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2011-01-27 08:11 - 2011-01-27 08:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-09-05 15:27 - 2014-08-29 19:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll

2014-09-05 15:27 - 2014-08-29 19:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll

2014-09-05 15:27 - 2014-08-29 19:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll

2014-09-05 15:27 - 2014-08-29 19:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll

2014-09-05 15:27 - 2014-08-29 19:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

Name: SM Bus Controller

Description: SM Bus Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Standard VGA Graphics Adapter

Description: Standard VGA Graphics Adapter

Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard display types)

Service: vga

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: PCI Simple Communications Controller

Description: PCI Simple Communications Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Ethernet Controller

Description: Ethernet Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: USB2.0-CRW

Description: USB2.0-CRW

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Universal Serial Bus (USB) Controller

Description: Universal Serial Bus (USB) Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/06/2014 09:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x7cc

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:41:46 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0xf78

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x87c

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0xc20

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:39:38 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0xc38

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:36:59 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_NlaSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1

Faulting module name: nlasvc.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdfca

Exception code: 0xc0000005

Fault offset: 0x000000000000131d

Faulting process id: 0x2cc

Faulting application start time: 0xsvchost.exe_NlaSvc0

Faulting application path: svchost.exe_NlaSvc1

Faulting module path: svchost.exe_NlaSvc2

Report Id: svchost.exe_NlaSvc3

 

Error: (09/06/2014 08:31:25 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x10c0

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

 

Error: (09/06/2014 08:29:10 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point (Process = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ; Description = Checkpoint by HitmanPro; Error = 0x80070005).

 

Error: (09/06/2014 08:26:15 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000026BEF80.72).  hr = 0x80070005, Access is denied.

.

 

Error: (09/06/2014 08:26:15 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000870,(null),0,REG_BINARY,00000000061CE1C0.72).  hr = 0x80070005, Access is denied.

.

 

 

Operation:

   BackupShutdown Event

 

Context:

   Execution Context: Writer

   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}

   Writer Name: MSSearch Service Writer

   Writer Instance ID: {86c32575-4fd0-4808-8c75-b028d64d5cd5}

 

 

System errors:

=============

Error: (09/06/2014 10:22:29 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)

Description: 0x8000002a171\??\Volume{25e390fb-352e-11e4-9540-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{946B7A35-87CA-421C-9E82-56A60A99D313}

 

Error: (09/06/2014 10:15:49 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)

Description: 0x8000002a171\??\Volume{25e390fb-352e-11e4-9540-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D4838BB4-C35A-4A6C-88D5-4D532F57C472}

 

Error: (09/06/2014 10:05:46 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)

Description: 0x8000002a171\??\Volume{25e390fb-352e-11e4-9540-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D9123938-768E-49BA-B65A-1C6AA16FC02D}

 

Error: (09/06/2014 10:05:07 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)

Description: 0x8000002a171\??\Volume{25e390fb-352e-11e4-9540-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D2DD5C62-F928-4AE8-A6E8-985FA3BECCA8}

 

Error: (09/06/2014 10:04:18 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)

Description: 0x8000002a171\??\Volume{25e390fb-352e-11e4-9540-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{22A50EF5-7A76-4407-97D2-D27C7DA6C515}

 

Error: (09/06/2014 09:16:16 AM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

 

Error: (09/06/2014 09:16:16 AM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

 

Error: (09/06/2014 09:16:13 AM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

 

Error: (09/06/2014 09:16:13 AM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

 

Error: (09/06/2014 09:16:12 AM) (Source: Ntfs) (EventID: 55) (User: )

Description: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

 

 

Microsoft Office Sessions:

=========================

Error: (09/06/2014 09:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7cc01cfc9ed49f4f6e2C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlla825ff11-35e6-11e4-b208-f08508a60bf4

 

Error: (09/06/2014 08:41:46 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf7801cfc9e904b42ed4C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll4ebabdb9-35dc-11e4-88fd-c37778a9a395

 

Error: (09/06/2014 08:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd87c01cfc9e8ee531871C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll3731017e-35dc-11e4-88fd-c37778a9a395

 

Error: (09/06/2014 08:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc2001cfc9e8cc7e7971C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll1a94ac5f-35dc-11e4-88fd-c37778a9a395

 

Error: (09/06/2014 08:39:38 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc3801cfc9e8bd6a064dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll0204edfe-35dc-11e4-88fd-c37778a9a395

 

Error: (09/06/2014 08:36:59 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_NlaSvc6.1.7600.163854a5bc3c1nlasvc.dll6.1.7600.163854a5bdfcac0000005000000000000131d2cc01cfc9e85ee9b8f8C:\Windows\system32\svchost.exec:\windows\system32\nlasvc.dlla3c8acec-35db-11e4-88fd-78929c2e0040

 

Error: (09/06/2014 08:31:25 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd10c001cfc9e79dc97fb8C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlldc1f7c1c-35da-11e4-8726-f9004c9e50fb

 

Error: (09/06/2014 08:29:10 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" Checkpoint by HitmanPro0x80070005

 

Error: (09/06/2014 08:26:15 AM) (Source: VSS) (EventID: 8193) (User: )

Description: RegSetValueExW(0x000002f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000026BEF80.72)0x80070005, Access is denied.

 

Error: (09/06/2014 08:26:15 AM) (Source: VSS) (EventID: 8193) (User: )

Description: RegSetValueExW(0x00000870,(null),0,REG_BINARY,00000000061CE1C0.72)0x80070005, Access is denied.

 

 

Operation:

   BackupShutdown Event

 

Context:

   Execution Context: Writer

   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}

   Writer Name: MSSearch Service Writer

   Writer Instance ID: {86c32575-4fd0-4808-8c75-b028d64d5cd5}

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz

Percentage of memory in use: 25%

Total physical RAM: 8102.7 MB

Available physical RAM: 6052.97 MB

Total Pagefile: 16203.54 MB

Available Pagefile: 14093.14 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:596.07 GB) (Free:555.78 GB) NTFS

Drive d: (GRMCHPXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: EACCCEFF)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

