
Links get hijacked, Trojan, insane amount of pop ups... [Solved]


  • This topic is locked

#16
JSntgRvr

  • Global Moderator
  • 11,579 posts
Post the contents of the C:\Windows\logs\CBS\CBS.log. The file can be opened with Notepad.
  • 0



#17
hank_venture

  • Topic Starter
  • Member
  • 19 posts
Hello. So I tried to copy-paste the log contents; it crashed Firefox. I opened it in Word and it is over 6,000, albeit in Word formatting. Should I attach the file?
  • 0

#18
JSntgRvr

  • Global Moderator
  • 11,579 posts
Yes, you may need to zip it and then upload. If too large try here.
  • 0

#19
JSntgRvr

  • Global Moderator
  • 11,579 posts
It is quite a large file. The System File Checker seems to have detected some changes on many of the system's files, but has not found the files in the file store. Some OEM versions have these issues and do not repair the file. Also, is the system an upgrade? That could also affect the ability to repair files. Another possibility is that the files detected are not part or do not respond to the actual Operating System. Let's test the ntdll.dll.

Type the following in the edit box on FRST, after "Search:".

ntdll.dll

It then should look like:

Search: ntdll.dll

Click Search button and post the log (Search.txt) it makes on the USB drive in your next reply.
  • 0

#20
hank_venture

  • Topic Starter
  • Member
  • 19 posts
Hello, thanks once again for your excellent help.

Yes, my laptop came with Windows 7 however I received the Windows 8 upgrade from university. Here is the log file you requested.


Farbar Recovery Scan Tool (x64) Version: 05-08-2013
Ran by SYSTEM at 2013-08-05 20:28:47
Running from D:\
Boot Mode: Recovery

================== Search: "ntdll.dll" ===================

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.20683_none_bc7dd045d37124c9\ntdll.dll
[2013-05-17 21:22] - [2013-04-08 15:33] - 1409408 ____A (Microsoft Corporation) 4212856B53569AC88C2B773EC58E4664

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.20521_none_bcbcad53d3424d4e\ntdll.dll
[2012-12-16 13:20] - [2012-09-19 22:43] - 1409376 ____A (Microsoft Corporation) EA970EE27D5B80231B7414BDF3E7A191

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16579_none_bc050522ba460118\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 15:39] - 1408896 ____A (Microsoft Corporation) FCCEDE04F10EC0B72321333FF928E5AF

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16420_none_bc32103eba25942d\ntdll.dll
[2012-12-16 13:20] - [2012-09-19 22:26] - 1409376 ____A (Microsoft Corporation) 0F38E5BAB0E4CEBB57987967F5505CD7

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16384_none_bbf52ff8ba52a408\ntdll.dll
[2012-07-25 18:42] - [2012-07-25 19:39] - 1409384 ____A (Microsoft Corporation) A0E0D7C52BB708A075E71C2847750B42

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.20683_none_b22925f39f1062ce\ntdll.dll
[2013-05-17 21:23] - [2013-07-26 15:38] - 0234785 ____A () B905FF83587F88618AB643A6401E4BD3

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.20521_none_b26803019ee18b53\ntdll.dll
[2012-12-16 13:21] - [2013-07-26 15:38] - 0235598 ____A () 2E2B885D5475EC21E5373474E073D34A

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16579_none_b1b05ad085e53f1d\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 21:17] - 1829408 ____A (Microsoft Corporation) A05BA2FE3B3FFE1920F383E3E321D9A2

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16420_none_b1dd65ec85c4d232\ntdll.dll
[2012-12-16 13:21] - [2013-07-26 15:38] - 0235579 ____A () FEE23CCEBD9508F5B0B586F94002B45C

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16384_none_b1a085a685f1e20d\ntdll.dll
[2012-07-25 21:26] - [2013-07-26 15:37] - 0236377 ____A () DC463E4AA062DD6A2DBA6423549CFBFC

C:\Windows\SysWOW64\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 15:39] - 1408896 ____A (Microsoft Corporation) FCCEDE04F10EC0B72321333FF928E5AF

C:\Windows\System32\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 21:17] - 1829408 ____A (Microsoft Corporation) A05BA2FE3B3FFE1920F383E3E321D9A2

====== End Of Search ======
  • 0

#21
JSntgRvr

  • Global Moderator
  • 11,579 posts
That could be the reason SFC encounters corrupted files. They are in fact not corrupted, but different from those logged prior to the upgrade.

How is the computer doing? Are you still experiencing the redirection and popups?
  • 0
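
Added example, not part of the original thread and not FRST's own code: a parser for the Search.txt layout posted in #20 that reports which WinSxS store version each live ntdll.dll matches by MD5, and lists store copies whose company field is blank or whose size is far below the versioned copies of the same architecture. The field layout is inferred from the log on this page; the function names and the half-size threshold are assumptions.

```python
import re
from statistics import median

# Excerpt (6 of the 12 entries) of the Search.txt posted in this thread.
SEARCH_LOG = r"""
================== Search: "ntdll.dll" ===================

C:\Windows\WinSxS\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16579_none_bc050522ba460118\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 15:39] - 1408896 ____A (Microsoft Corporation) FCCEDE04F10EC0B72321333FF928E5AF

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.20683_none_b22925f39f1062ce\ntdll.dll
[2013-05-17 21:23] - [2013-07-26 15:38] - 0234785 ____A () B905FF83587F88618AB643A6401E4BD3

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16579_none_b1b05ad085e53f1d\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 21:17] - 1829408 ____A (Microsoft Corporation) A05BA2FE3B3FFE1920F383E3E321D9A2

C:\Windows\WinSxS\amd64_microsoft-windows-ntdll_31bf3856ad364e35_6.2.9200.16384_none_b1a085a685f1e20d\ntdll.dll
[2012-07-25 21:26] - [2013-07-26 15:37] - 0236377 ____A () DC463E4AA062DD6A2DBA6423549CFBFC

C:\Windows\SysWOW64\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 15:39] - 1408896 ____A (Microsoft Corporation) FCCEDE04F10EC0B72321333FF928E5AF

C:\Windows\System32\ntdll.dll
[2013-05-17 21:23] - [2013-04-08 21:17] - 1829408 ____A (Microsoft Corporation) A05BA2FE3B3FFE1920F383E3E321D9A2

====== End Of Search ======
"""

# Metadata line: [created] - [modified] - size attrs (company) MD5
META = re.compile(
    r"^\[(?P<created>[\d-]+ [\d:]+)\] - \[(?P<modified>[\d-]+ [\d:]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*)\) (?P<md5>[0-9A-F]{32})$"
)
# Component store directory: <arch>_<component>_<token>_<version>_none_<hash>
STORE = re.compile(
    r"\\WinSxS\\(?P<arch>[a-z0-9]+)_.+_(?P<version>\d+\.\d+\.\d+\.\d+)_none_", re.I
)


def parse_search(text):
    """Pair each path line with the metadata line that follows it."""
    entries, path = [], None
    for line in (l.strip() for l in text.splitlines()):
        m = META.match(line)
        if m and path:
            e = m.groupdict()
            e["size"] = int(e["size"])
            e["path"] = path
            s = STORE.search(path)
            e["arch"] = s["arch"].lower() if s else None   # None = live file
            e["version"] = s["version"] if s else None
            entries.append(e)
            path = None
        elif re.match(r"^[A-Za-z]:\\", line):
            path = line
    return entries


def triage(entries):
    """Match live files to store copies and list store copies worth a closer look."""
    store = [e for e in entries if e["arch"]]
    report = {"live": {}, "review": []}
    for f in (e for e in entries if not e["arch"]):
        report["live"][f["path"]] = [
            f"{s['arch']} {s['version']}" for s in store if s["md5"] == f["md5"]
        ]
    for s in sorted(store, key=lambda e: (e["arch"], e["version"])):
        # Baseline: sizes of same-architecture copies that do carry a company name.
        versioned = [o["size"] for o in store
                     if o["arch"] == s["arch"] and o["company"]]
        reasons = []
        if not s["company"]:
            reasons.append("blank company field")
        if versioned and s["size"] < median(versioned) / 2:   # assumed threshold
            reasons.append(f"size {s['size']} vs typical {int(median(versioned))}")
        if reasons:
            report["review"].append((s["arch"], s["version"], reasons))
    return report


if __name__ == "__main__":
    result = triage(parse_search(SEARCH_LOG))
    for path, versions in result["live"].items():
        print(f"{path} matches store copy: {', '.join(versions) or 'none'}")
    for arch, version, reasons in result["review"]:
        print(f"review {arch} {version}: {'; '.join(reasons)}")
```

A listed entry is a prompt to look closer, not a verdict: the check compares the metadata FRST printed and never opens the files themselves.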

#22
hank_venture

  • Topic Starter
  • Member
  • 19 posts
Hello. Yes, the computer experiences roughly the same amount of redirects and popups, embedded ads...the internet toolbars that had installed themselves have been removed.
  • 0

#23
JSntgRvr

  • Global Moderator
  • 11,579 posts
Run FRST, check the Addition box and perform another scan. Post the contents of the scan and addition.txt.
  • 0

#24
hank_venture

  • Topic Starter
  • Member
  • 19 posts
Sorry, pasted the wrong log... will then re-scan and post.

Edited by hank_venture, 06 August 2013 - 10:25 PM.

  • 0

#25
JSntgRvr

  • Global Moderator
  • 11,579 posts
:thumbsup:
  • 0



#26
hank_venture

  • Topic Starter
  • Member
  • 19 posts
Not sure why... but running FRST64.exe off the USB from the command prompt will not yield an addition.txt even with the box checked. Tried several times.

I ran it off the USB in regular desktop mode and I am posting those logs.




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013
Ran by SYSTEM on 07-08-2013 21:39:06
Running from D:\
Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VMM Mode Selection] - C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [43520 2011-02-14] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Jacob\...\Run: [Pokki] - C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [x]
HKU\Jacob\...\Run: [Spotify Web Helper] - C:\Users\Jacob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-02-03] (Spotify Ltd)
HKU\Jacob\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18643048 2013-02-28] (Skype Technologies S.A.)
HKU\Jacob\...\Run: [Akamai NetSession Interface] - C:\Users\Jacob\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\Jacob\...\Run: [GoogleChromeAutoLaunch_BE49B27017FD712DF1E70FE7861589BC] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288 2013-07-24] (Google Inc.)
HKU\Jacob\...\Run: [ConduitFloatingPlugin_mfchmfgdaabgdjbcaophikcobddojjoe] - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3298573\plugins\TBVerifier.dll",RunConduitFloatingPlugin mfchmfgdaabgdjbcaophikcobddojjoe [x]

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_0057cbec48a2d7cf\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Remote Solver for Flow Simulation 2011; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [110344 2011-07-11] (Mentor Graphics Corporation)
S2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S0 stdflt; C:\Windows\SysWow64\DRIVERS\stdflt.sys [15336 2009-07-23] (ST Microelectronics)
S2 TurboB; C:\Windows\system32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S0 stdflt; system32\DRIVERS\stdflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-07 20:29 - 2013-08-07 20:29 - 00000000 ____D C:\avast! sandbox
2013-08-06 20:15 - 2013-08-06 22:02 - 1465889464 ____R C:\Users\Jacob\Downloads\Zen of Screaming 2-DVDRip-marchindeed.avi
2013-08-06 20:15 - 2013-08-06 21:34 - 00000000 ____D C:\Users\Jacob\Downloads\Zen Of Screaming
2013-08-05 18:50 - 2013-08-05 18:56 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2013-08-05 18:50 - 2013-08-05 18:50 - 01122101 _____ ( ) C:\Users\Jacob\Downloads\MAC_410.exe
2013-08-05 18:50 - 2011-04-16 20:08 - 00446464 _____ (Matthew T. Ashland) C:\Windows\SysWOW64\MACDll.dll
2013-08-04 11:27 - 2013-08-04 11:39 - 00002739 _____ C:\Users\Jacob\Downloads\Search.txt
2013-08-04 11:25 - 2013-08-04 11:25 - 01781485 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe
2013-08-03 23:55 - 2013-08-03 23:55 - 01376768 _____ C:\Users\Jacob\Downloads\7z920-x64.msi
2013-07-31 23:16 - 2013-07-31 23:16 - 01844196 _____ C:\Users\Jacob\Downloads\My recording #76.wav
2013-07-31 22:01 - 2013-07-31 22:01 - 01844196 _____ C:\Users\Jacob\Desktop\My recording #76.wav
2013-07-31 19:16 - 2013-07-31 19:16 - 00002099 _____ C:\Users\Jacob\Desktop\FSS.txt
2013-07-31 19:15 - 2013-07-31 19:15 - 00357145 _____ (Farbar) C:\Users\Jacob\Desktop\FSS.exe
2013-07-31 18:53 - 2013-07-31 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-31 18:15 - 2013-07-31 18:16 - 00038284 _____ C:\Users\Jacob\Desktop\FRST.txt
2013-07-31 18:15 - 2013-07-31 18:15 - 00027769 _____ C:\Users\Jacob\Desktop\Addition.txt
2013-07-31 17:47 - 2013-07-31 17:47 - 01781589 _____ (Farbar) C:\Users\Jacob\Desktop\FRST64.exe
2013-07-29 17:53 - 2013-07-29 17:54 - 00001166 _____ C:\AdwCleaner[S6].txt
2013-07-29 16:52 - 2013-07-29 16:53 - 00001105 _____ C:\AdwCleaner[S5].txt
2013-07-29 16:49 - 2013-07-29 16:49 - 00002545 _____ C:\Users\Jacob\Desktop\JRT.txt
2013-07-28 20:44 - 2013-08-05 19:01 - 00000000 ___RD C:\Users\Jacob\Desktop\TAKE THE HILL
2013-07-28 15:48 - 2013-07-28 15:49 - 00001034 _____ C:\AdwCleaner[S4].txt
2013-07-28 12:38 - 2013-07-29 17:17 - 00002322 _____ C:\Users\Jacob\Desktop\Rkill.txt
2013-07-28 12:38 - 2013-07-28 12:38 - 00000000 ____D C:\Users\Jacob\Desktop\rkill
2013-07-27 21:37 - 2013-07-27 21:38 - 00000975 _____ C:\AdwCleaner[S3].txt
2013-07-27 21:26 - 2013-07-27 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 20:55 - 2013-08-04 00:02 - 00000000 ____D C:\Users\Jacob\Desktop\geekstogo
2013-07-27 20:51 - 2013-07-27 20:52 - 00001038 _____ C:\AdwCleaner[S2].txt
2013-07-26 21:12 - 2004-08-19 23:00 - 49109804 _____ C:\Users\Jacob\Desktop\GHOST.WAV
2013-07-26 20:18 - 2013-06-01 03:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-07-26 20:18 - 2013-06-01 03:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-07-26 20:18 - 2013-06-01 03:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-26 20:18 - 2013-06-01 03:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-07-26 20:18 - 2013-06-01 03:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-07-26 20:18 - 2013-06-01 03:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-07-26 20:18 - 2013-06-01 03:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-07-26 20:18 - 2013-06-01 03:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-07-26 20:18 - 2013-06-01 02:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-26 20:18 - 2013-06-01 01:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-26 20:18 - 2013-06-01 01:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-26 20:18 - 2013-06-01 01:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-26 20:18 - 2013-06-01 01:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-07-26 20:18 - 2013-06-01 01:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe
2013-07-26 20:18 - 2013-06-01 01:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-07-26 20:18 - 2013-06-01 01:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-07-26 20:18 - 2013-06-01 01:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-07-26 20:18 - 2013-06-01 01:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2013-07-26 20:18 - 2013-05-31 19:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-07-26 20:18 - 2013-05-24 14:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-07-26 20:18 - 2013-05-24 14:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-07-26 20:18 - 2013-05-24 14:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-07-26 20:18 - 2013-05-24 14:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-07-26 20:18 - 2013-05-19 16:08 - 00386642 _____ C:\Windows\System32\ApnDatabase.xml
2013-07-26 20:17 - 2013-06-16 14:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-07-26 20:03 - 2013-07-26 20:03 - 00000489 _____ C:\Users\Jacob\Desktop\aswMBR.txt
2013-07-26 19:56 - 2013-07-26 19:58 - 04745728 _____ (AVAST Software) C:\Users\Jacob\Downloads\aswMBR.exe
2013-07-26 19:51 - 2013-07-26 19:53 - 00000000 ____D C:\Windows\System32\appmgmt
2013-07-25 20:49 - 2013-07-25 20:49 - 00000000 ____D C:\FRST
2013-07-25 16:35 - 2013-07-25 16:35 - 03416108 _____ C:\Users\Jacob\Downloads\A Fight Song.wav
2013-07-21 20:15 - 2013-07-21 20:16 - 05251116 _____ C:\Users\Jacob\Downloads\20130721_135835.wav
2013-07-21 20:14 - 2013-07-21 20:14 - 00852012 _____ C:\Users\Jacob\Downloads\20130721_185336.wav
2013-07-21 20:13 - 2013-07-21 20:13 - 02981932 _____ C:\Users\Jacob\Downloads\20130514_203736.wav
2013-07-20 20:57 - 2013-07-20 20:58 - 00000000 ____D C:\Users\Jacob\Downloads\Troy Stetina - Speed Mechanics for Lead guitar
2013-07-20 10:13 - 2013-07-20 10:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL (1).exe
2013-07-17 18:24 - 2013-07-17 18:25 - 08273964 _____ C:\Users\Jacob\Downloads\Strike the Ground P1.wav
2013-07-16 21:37 - 2013-07-16 21:37 - 06807596 _____ C:\Users\Jacob\Downloads\Song2.wav
2013-07-16 20:48 - 2013-07-16 20:49 - 08560684 _____ C:\Users\Jacob\Downloads\Song1.wav
2013-07-14 17:05 - 2013-07-14 17:06 - 00262144 _____ C:\Windows\Minidump\071413-76328-01.dmp
2013-07-14 17:05 - 2013-07-14 17:05 - 00520416 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-13 22:58 - 2013-05-30 15:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-13 22:56 - 2013-06-01 01:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 22:56 - 2013-06-01 01:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-13 22:56 - 2013-04-11 14:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 22:56 - 2013-04-11 14:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 22:55 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 22:55 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-13 22:55 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-13 22:54 - 2013-05-03 22:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-13 22:54 - 2013-05-03 20:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-13 20:13 - 2013-07-13 20:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL.exe
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
116

==================== One Month Modified Files and Folders =======

2013-08-07 20:35 - 2012-12-16 01:44 - 00000000 ____D C:\Users\Jacob\AppData\Local\Pokki
2013-08-07 20:29 - 2013-08-07 20:29 - 00000000 ____D C:\avast! sandbox
2013-08-07 20:27 - 2013-01-27 18:05 - 00000564 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2013-08-07 20:26 - 2013-06-15 19:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-07 20:25 - 2013-01-01 21:26 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 20:25 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-07 20:15 - 2012-12-16 01:24 - 00000000 ____D C:\Program Files\PeerBlock
2013-08-07 20:15 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-08-06 22:48 - 2013-01-01 21:26 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-06 22:25 - 2012-12-16 03:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-06 22:14 - 2013-06-01 09:39 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\vlc
2013-08-06 22:03 - 2012-12-16 00:59 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\uTorrent
2013-08-06 22:02 - 2013-08-06 20:15 - 1465889464 ____R C:\Users\Jacob\Downloads\Zen of Screaming 2-DVDRip-marchindeed.avi
2013-08-06 22:02 - 2013-06-07 19:21 - 00000282 _____ C:\Windows\Tasks\TopArcadeHits.job
2013-08-06 21:34 - 2013-08-06 20:15 - 00000000 ____D C:\Users\Jacob\Downloads\Zen Of Screaming
2013-08-05 21:37 - 2013-03-31 18:25 - 01308769 _____ C:\Windows\WindowsUpdate.log
2013-08-05 19:25 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-08-05 19:03 - 2012-07-25 23:28 - 00848230 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-05 19:01 - 2013-07-28 20:44 - 00000000 ___RD C:\Users\Jacob\Desktop\TAKE THE HILL
2013-08-05 19:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-05 18:56 - 2013-08-05 18:50 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2013-08-05 18:50 - 2013-08-05 18:50 - 01122101 _____ ( ) C:\Users\Jacob\Downloads\MAC_410.exe
2013-08-04 11:39 - 2013-08-04 11:27 - 00002739 _____ C:\Users\Jacob\Downloads\Search.txt
2013-08-04 11:25 - 2013-08-04 11:25 - 01781485 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe
2013-08-04 00:02 - 2013-07-27 20:55 - 00000000 ____D C:\Users\Jacob\Desktop\geekstogo
2013-08-03 23:57 - 2013-01-10 16:50 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-03 23:55 - 2013-08-03 23:55 - 01376768 _____ C:\Users\Jacob\Downloads\7z920-x64.msi
2013-08-03 12:51 - 2012-12-16 01:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-03 08:06 - 2012-12-16 03:55 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\TakeOwnershipEx
2013-08-02 21:15 - 2012-12-16 00:22 - 00419840 ___SH C:\Users\Jacob\Desktop\Thumbs.db
2013-08-02 21:15 - 2012-09-09 16:24 - 00063488 ___SH C:\Users\Jacob\Downloads\Thumbs.db
2013-08-01 16:52 - 2013-01-01 21:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-31 23:16 - 2013-07-31 23:16 - 01844196 _____ C:\Users\Jacob\Downloads\My recording #76.wav
2013-07-31 22:01 - 2013-07-31 22:01 - 01844196 _____ C:\Users\Jacob\Desktop\My recording #76.wav
2013-07-31 20:51 - 2012-12-16 01:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-31 19:16 - 2013-07-31 19:16 - 00002099 _____ C:\Users\Jacob\Desktop\FSS.txt
2013-07-31 19:15 - 2013-07-31 19:15 - 00357145 _____ (Farbar) C:\Users\Jacob\Desktop\FSS.exe
2013-07-31 18:53 - 2013-07-31 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-31 18:16 - 2013-07-31 18:15 - 00038284 _____ C:\Users\Jacob\Desktop\FRST.txt
2013-07-31 18:15 - 2013-07-31 18:15 - 00027769 _____ C:\Users\Jacob\Desktop\Addition.txt
2013-07-31 17:47 - 2013-07-31 17:47 - 01781589 _____ (Farbar) C:\Users\Jacob\Desktop\FRST64.exe
2013-07-29 17:54 - 2013-07-29 17:53 - 00001166 _____ C:\AdwCleaner[S6].txt
2013-07-29 17:17 - 2013-07-28 12:38 - 00002322 _____ C:\Users\Jacob\Desktop\Rkill.txt
2013-07-29 17:10 - 2012-12-16 00:03 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2234159068-2688919450-3802922479-1000
2013-07-29 16:53 - 2013-07-29 16:52 - 00001105 _____ C:\AdwCleaner[S5].txt
2013-07-29 16:49 - 2013-07-29 16:49 - 00002545 _____ C:\Users\Jacob\Desktop\JRT.txt
2013-07-28 15:49 - 2013-07-28 15:48 - 00001034 _____ C:\AdwCleaner[S4].txt
2013-07-28 12:38 - 2013-07-28 12:38 - 00000000 ____D C:\Users\Jacob\Desktop\rkill
2013-07-27 22:40 - 2012-12-16 01:37 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\R-Wipe&Clean
2013-07-27 21:38 - 2013-07-27 21:37 - 00000975 _____ C:\AdwCleaner[S3].txt
2013-07-27 21:26 - 2013-07-27 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 21:18 - 2012-12-15 23:39 - 00041734 _____ C:\Windows\PFRO.log
2013-07-27 20:52 - 2013-07-27 20:51 - 00001038 _____ C:\AdwCleaner[S2].txt
2013-07-26 23:13 - 2013-04-13 17:25 - 00001314 _____ C:\Users\Jacob\Desktop\Inland Empire (2006) - Shortcut.lnk
2013-07-26 20:03 - 2013-07-26 20:03 - 00000489 _____ C:\Users\Jacob\Desktop\aswMBR.txt
2013-07-26 19:58 - 2013-07-26 19:56 - 04745728 _____ (AVAST Software) C:\Users\Jacob\Downloads\aswMBR.exe
2013-07-26 19:57 - 2011-05-28 22:11 - 00000000 ___RD C:\Users\Jacob\Virtual Machines
2013-07-26 19:53 - 2013-07-26 19:51 - 00000000 ____D C:\Windows\System32\appmgmt
2013-07-26 19:52 - 2013-05-12 11:08 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BSplayer
2013-07-26 19:52 - 2013-05-12 11:08 - 00000000 ____D C:\Program Files (x86)\Webteh
2013-07-26 19:44 - 2013-01-26 19:07 - 00000000 ____D C:\ProgramData\MFAData
2013-07-26 19:42 - 2012-07-26 00:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-25 20:49 - 2013-07-25 20:49 - 00000000 ____D C:\FRST
2013-07-25 20:48 - 2010-09-02 12:02 - 00000000 __SHD C:\Recovery
2013-07-25 16:35 - 2013-07-25 16:35 - 03416108 _____ C:\Users\Jacob\Downloads\A Fight Song.wav
2013-07-21 21:43 - 2013-04-13 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-21 20:16 - 2013-07-21 20:15 - 05251116 _____ C:\Users\Jacob\Downloads\20130721_135835.wav
2013-07-21 20:14 - 2013-07-21 20:14 - 00852012 _____ C:\Users\Jacob\Downloads\20130721_185336.wav
2013-07-21 20:13 - 2013-07-21 20:13 - 02981932 _____ C:\Users\Jacob\Downloads\20130514_203736.wav
2013-07-20 20:58 - 2013-07-20 20:57 - 00000000 ____D C:\Users\Jacob\Downloads\Troy Stetina - Speed Mechanics for Lead guitar
2013-07-20 10:13 - 2013-07-20 10:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL (1).exe
2013-07-19 21:09 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-07-17 18:25 - 2013-07-17 18:24 - 08273964 _____ C:\Users\Jacob\Downloads\Strike the Ground P1.wav
2013-07-16 21:37 - 2013-07-16 21:37 - 06807596 _____ C:\Users\Jacob\Downloads\Song2.wav
2013-07-16 20:49 - 2013-07-16 20:48 - 08560684 _____ C:\Users\Jacob\Downloads\Song1.wav
2013-07-14 17:06 - 2013-07-14 17:05 - 00262144 _____ C:\Windows\Minidump\071413-76328-01.dmp
2013-07-14 17:05 - 2013-07-14 17:05 - 00520416 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-14 17:05 - 2013-07-01 17:18 - 00000000 ____D C:\Windows\Minidump
2013-07-14 17:05 - 2013-07-01 17:17 - 564690292 _____ C:\Windows\MEMORY.DMP
2013-07-14 12:13 - 2012-07-25 23:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 12:13 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\oobe
2013-07-13 20:13 - 2013-07-13 20:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL.exe
2013-07-12 19:43 - 2013-01-01 21:26 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 19:43 - 2013-01-01 21:26 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-10 21:19 - 2012-07-25 21:37 - 00000000 ____D C:\Windows\servicing
2013-07-10 17:54 - 2012-12-16 03:22 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-10 17:53 - 2012-12-16 11:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-09 20:08 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-09 20:08 - 2012-07-25 21:26 - 00000167 _____ C:\Windows\win.ini

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-07-26 19:41:15
Restore point made on: 2013-08-03 23:57:33

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3892.52 MB
Available physical RAM: 3188.18 MB
Total Pagefile: 3892.52 MB
Available Pagefile: 3195.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:52.89 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Removable) (Total:14.9 GB) (Free:13.54 GB) FAT32 (Disk=1 Partition=1)
Drive f: (MetalEdge 9-07) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 72284663)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-07-31 00:00

==================== End Of Log ============================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2013
Ran by Jacob at 2013-08-07 21:34:12
Running from E:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================


µTorrent (x32 Version: 3.2.3.28705)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
7-Zip 9.22beta (x32)
Accelerometer (x32 Version: 1.06.08.17)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Akamai NetSession Interface (HKCU)
AutoCAD MEP 2013 Language Pack - English (Version: 7.0.50.0)
Autodesk Content Service (x32 Version: 3.0.84.0)
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82)
Autodesk Download Manager (x32 Version: 2.0.6.0)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Material Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bullzip PDF Printer 9.5.0.1579 (Version: 9.5.0.1579)
Canon IJ Network Scanner Selector EX (x32)
Canon IJ Network Tool (x32 Version: 3.1.1)
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual (x32)
Canon MP Navigator EX 5.0 (x32)
Canon Quick Menu (x32 Version: 2.1.0)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell System Detect (HKCU Version: 3.3.2.1)
getsav-in (x32 Version: 1.1368387917)
Google Chrome (x32 Version: 28.0.1500.95)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.153)
IDT Audio (x32 Version: 1.0.6267.0)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MATLAB R2012b (Version: 8.0)
Microsoft Office 2003 Web Components (x32 Version: 12.0.6213.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32)
Monkey's Audio (x32)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MPC-HC 1.6.7.7114 (9eb64ec) (x32 Version: 1.6.7.7114)
oCAD MEP 2013 - English (Version: 7.0.50.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Pokki (HKCU Version: 0.263.13.319)
Pokki Download Helper (HKCU Version: 1.3.1.282)
R-Wipe&Clean 9.8 (x32)
Secure Download Manager (x32 Version: 3.1.0)
Skype Click to Call (x32 Version: 6.10.13089)
Skype™ 6.3 (x32 Version: 6.3.105)
SolidWorks 2011 x64 Edition SP05 (Version: 19.150.91)
SolidWorks 2011 x64 Edition SP05 (x32 Version: 19.5.0.91)
SolidWorks eDrawings 2011 x64 Edition SP05 (Version: 11.5.111)
SolidWorks Flow Simulation 2011 SP05 x64 Edition (Version: 19.50.92)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
TakeOwnershipEx (x32 Version: 1.2.0.1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Updater By SweetPacks 2.0.0.586 (Version: 2.0.0.586)
VIO Player version 1.0.1 (x32 Version: 1.0.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (x32 Version: 2.0.6)
WAV To MP3 Converter version 1.0 r1 (x32 Version: 1.0 r1)
Windows 7 Codec Pack 4.0.6 (x32 Version: 4.0.6)
WModem Driver Installer (x32 Version: 2.0.6.13)

==================== Restore Points =========================

27-07-2013 03:40:36 Removed AVG 2013
04-08-2013 07:56:53 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {1442481C-EE64-40D7-97CE-4CB42ED1EE1F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2234159068-2688919450-3802922479-1000
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {360EC3E3-F2EB-404E-9EBD-251F6EF52084} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {491B4BCC-39A6-49C4-B411-D62377D6CDBB} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {4A4AEA56-A18A-4A1E-B3AC-1E7B1139DD1B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)
Task: {698A3C79-018A-4D9F-AE56-C79748C530BA} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {6A40AE5A-8526-4528-8C46-93B14508A0CC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-25] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-19] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7F946EF2-334B-444E-A015-3BDDD1956036} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {92D81485-8C00-4063-B8C8-1168F8C60DEB} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9823366E-A2FC-4B74-8B62-47A3AC88E747} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A050D47B-FC50-4C8A-83AC-B596C7151081} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {A551438B-D725-4414-80AE-DBCC115E6583} - System32\Tasks\TopArcadeHits => C:\Users\Jacob\AppData\Local\TopArcadeHits\updater.exe No File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A91A6B2C-CC3D-4DB8-B1B4-9A4156435503} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AFAD0A85-71A8-4C81-9218-EA1CD51DE937} - System32\Tasks\Shutdown => C:\Windows\System32\shutdown.exe [2012-07-25] (Microsoft Corporation)
Task: {B0D2C0D6-D89A-41B6-A238-8BF418D91922} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1776531-15E3-449C-A47C-1EC1738C6F94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\WINDOWS\Tasks\TopArcadeHits.job => C:\Users\Jacob\AppData\Local\TopArcadeHits\updater.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ST Micro Accelerometer
Description: ST Micro Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ST Microelectronics
Service: Acceler
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/05/2013 08:04:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/03/2013 02:02:39 PM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.6129.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 126c

Start Time: 01ce908c9740e9dd

Termination Time: 9

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: 01669187-fc80-11e2-bf20-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/03/2013 02:01:04 PM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.6129.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1388

Start Time: 01ce908c346bd728

Termination Time: 8

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: c5f99c5c-fc7f-11e2-bf20-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/03/2013 01:48:11 PM) (Source: COM) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\Google\Update\GoogleUpdate.exeUnavailableUnavailableS-1-5-18UnavailableUnavailable

Error: (08/03/2013 01:40:18 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14b0

Start Time: 01ce90633e38a741

Termination Time: 180

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e2b4914f-fc7c-11e2-bf1f-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2013 02:07:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/01/2013 05:35:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/29/2013 07:04:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1771, time stamp: 0x5147644e
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x00051f81
Faulting process id: 0x10fc
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3
Faulting package full name: aswMBR.exe4
Faulting package-relative application ID: aswMBR.exe5

Error: (07/29/2013 05:25:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.16604, time stamp: 0x5184a60b
Exception code: 0xc0000005
Fault offset: 0x00000000000a812a
Faulting process id: 0x7bc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (07/28/2013 10:43:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1771, time stamp: 0x5147644e
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x00051f81
Faulting process id: 0xcf4
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3
Faulting package full name: aswMBR.exe4
Faulting package-relative application ID: aswMBR.exe5


System errors:
=============
Error: (08/07/2013 09:24:45 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/07/2013 09:24:38 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/07/2013 09:15:07 PM) (Source: DCOM) (User: Jacob-PC)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (08/06/2013 05:44:43 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:44:37 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/06/2013 05:30:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:30:25 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/06/2013 05:22:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:22:24 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/05/2013 08:56:55 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys


Microsoft Office Sessions:
=========================
Error: (08/05/2013 08:04:03 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (08/03/2013 02:02:39 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.6129.5000126c01ce908c9740e9dd9C:\Program Files\Microsoft Office\Office14\WINWORD.EXE01669187-fc80-11e2-bf20-b8ac6f6c93ca

Error: (08/03/2013 02:01:04 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.6129.5000138801ce908c346bd7288C:\Program Files\Microsoft Office\Office14\WINWORD.EXEc5f99c5c-fc7f-11e2-bf20-b8ac6f6c93ca

Error: (08/03/2013 01:48:11 PM) (Source: COM)(User: NT AUTHORITY)
Description: C:\Program Files (x86)\Google\Update\GoogleUpdate.exeUnavailableUnavailableS-1-5-18UnavailableUnavailable

Error: (08/03/2013 01:40:18 PM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.491714b001ce90633e38a741180C:\Program Files (x86)\Mozilla Firefox\firefox.exee2b4914f-fc7c-11e2-bf1f-b8ac6f6c93ca

Error: (08/02/2013 02:07:39 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (08/01/2013 05:35:47 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (07/29/2013 07:04:35 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f8110fc01ce8cc8fbda4512C:\Users\Jacob\Downloads\aswMBR.exeC:\WINDOWS\SYSTEM32\ntdll.dll618c6493-f8bc-11e2-bf1a-b8ac6f6c93ca

Error: (07/29/2013 05:25:53 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.166045184a60bc000000500000000000a812a7bc01ce8cbb4839e4f2C:\WINDOWS\Explorer.EXEC:\Windows\System32\twinui.dll97aba14a-f8ae-11e2-bf18-b8ac6f6c93ca

Error: (07/28/2013 10:43:10 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f81cf401ce8c1e5af4f2deC:\Users\Jacob\Downloads\aswMBR.exeC:\WINDOWS\SYSTEM32\ntdll.dllc01bb104-f811-11e2-bf17-b8ac6f6c93ca


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3892.52 MB
Available physical RAM: 2365.02 MB
Total Pagefile: 7860.52 MB
Available Pagefile: 6348.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:52.89 GB) NTFS (Disk=0 Partition=2)
Drive d: (MetalEdge 9-07) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:14.9 GB) (Free:13.54 GB) FAT32 (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 72284663)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================

#27
hank_venture

    Member

  • Topic Starter
  • Member
  • 19 posts
Not sure why... but running FRST64.exe off the USB from the command prompt will not yield an addition.txt even with the box checked. Tried several times.

I ran it off the USB in regular desktop mode and I am posting those logs.




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013
Ran by SYSTEM on 07-08-2013 21:39:06
Running from D:\
Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VMM Mode Selection] - C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [43520 2011-02-14] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Jacob\...\Run: [Pokki] - C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [x]
HKU\Jacob\...\Run: [Spotify Web Helper] - C:\Users\Jacob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-02-03] (Spotify Ltd)
HKU\Jacob\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18643048 2013-02-28] (Skype Technologies S.A.)
HKU\Jacob\...\Run: [Akamai NetSession Interface] - C:\Users\Jacob\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\Jacob\...\Run: [GoogleChromeAutoLaunch_BE49B27017FD712DF1E70FE7861589BC] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288 2013-07-24] (Google Inc.)
HKU\Jacob\...\Run: [ConduitFloatingPlugin_mfchmfgdaabgdjbcaophikcobddojjoe] - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3298573\plugins\TBVerifier.dll",RunConduitFloatingPlugin mfchmfgdaabgdjbcaophikcobddojjoe [x]

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_0057cbec48a2d7cf\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Remote Solver for Flow Simulation 2011; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [110344 2011-07-11] (Mentor Graphics Corporation)
S2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S0 stdflt; C:\Windows\SysWow64\DRIVERS\stdflt.sys [15336 2009-07-23] (ST Microelectronics)
S2 TurboB; C:\Windows\system32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S0 stdflt; system32\DRIVERS\stdflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-07 20:29 - 2013-08-07 20:29 - 00000000 ____D C:\avast! sandbox
2013-08-06 20:15 - 2013-08-06 22:02 - 1465889464 ____R C:\Users\Jacob\Downloads\Zen of Screaming 2-DVDRip-marchindeed.avi
2013-08-06 20:15 - 2013-08-06 21:34 - 00000000 ____D C:\Users\Jacob\Downloads\Zen Of Screaming
2013-08-05 18:50 - 2013-08-05 18:56 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2013-08-05 18:50 - 2013-08-05 18:50 - 01122101 _____ ( ) C:\Users\Jacob\Downloads\MAC_410.exe
2013-08-05 18:50 - 2011-04-16 20:08 - 00446464 _____ (Matthew T. Ashland) C:\Windows\SysWOW64\MACDll.dll
2013-08-04 11:27 - 2013-08-04 11:39 - 00002739 _____ C:\Users\Jacob\Downloads\Search.txt
2013-08-04 11:25 - 2013-08-04 11:25 - 01781485 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe
2013-08-03 23:55 - 2013-08-03 23:55 - 01376768 _____ C:\Users\Jacob\Downloads\7z920-x64.msi
2013-07-31 23:16 - 2013-07-31 23:16 - 01844196 _____ C:\Users\Jacob\Downloads\My recording #76.wav
2013-07-31 22:01 - 2013-07-31 22:01 - 01844196 _____ C:\Users\Jacob\Desktop\My recording #76.wav
2013-07-31 19:16 - 2013-07-31 19:16 - 00002099 _____ C:\Users\Jacob\Desktop\FSS.txt
2013-07-31 19:15 - 2013-07-31 19:15 - 00357145 _____ (Farbar) C:\Users\Jacob\Desktop\FSS.exe
2013-07-31 18:53 - 2013-07-31 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-31 18:15 - 2013-07-31 18:16 - 00038284 _____ C:\Users\Jacob\Desktop\FRST.txt
2013-07-31 18:15 - 2013-07-31 18:15 - 00027769 _____ C:\Users\Jacob\Desktop\Addition.txt
2013-07-31 17:47 - 2013-07-31 17:47 - 01781589 _____ (Farbar) C:\Users\Jacob\Desktop\FRST64.exe
2013-07-29 17:53 - 2013-07-29 17:54 - 00001166 _____ C:\AdwCleaner[S6].txt
2013-07-29 16:52 - 2013-07-29 16:53 - 00001105 _____ C:\AdwCleaner[S5].txt
2013-07-29 16:49 - 2013-07-29 16:49 - 00002545 _____ C:\Users\Jacob\Desktop\JRT.txt
2013-07-28 20:44 - 2013-08-05 19:01 - 00000000 ___RD C:\Users\Jacob\Desktop\TAKE THE HILL
2013-07-28 15:48 - 2013-07-28 15:49 - 00001034 _____ C:\AdwCleaner[S4].txt
2013-07-28 12:38 - 2013-07-29 17:17 - 00002322 _____ C:\Users\Jacob\Desktop\Rkill.txt
2013-07-28 12:38 - 2013-07-28 12:38 - 00000000 ____D C:\Users\Jacob\Desktop\rkill
2013-07-27 21:37 - 2013-07-27 21:38 - 00000975 _____ C:\AdwCleaner[S3].txt
2013-07-27 21:26 - 2013-07-27 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 20:55 - 2013-08-04 00:02 - 00000000 ____D C:\Users\Jacob\Desktop\geekstogo
2013-07-27 20:51 - 2013-07-27 20:52 - 00001038 _____ C:\AdwCleaner[S2].txt
2013-07-26 21:12 - 2004-08-19 23:00 - 49109804 _____ C:\Users\Jacob\Desktop\GHOST.WAV
2013-07-26 20:18 - 2013-06-01 03:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-07-26 20:18 - 2013-06-01 03:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-07-26 20:18 - 2013-06-01 03:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-26 20:18 - 2013-06-01 03:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-07-26 20:18 - 2013-06-01 03:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-07-26 20:18 - 2013-06-01 03:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-07-26 20:18 - 2013-06-01 03:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-07-26 20:18 - 2013-06-01 03:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-07-26 20:18 - 2013-06-01 02:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-26 20:18 - 2013-06-01 01:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-26 20:18 - 2013-06-01 01:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-26 20:18 - 2013-06-01 01:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-26 20:18 - 2013-06-01 01:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-26 20:18 - 2013-06-01 01:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-07-26 20:18 - 2013-06-01 01:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-07-26 20:18 - 2013-06-01 01:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe
2013-07-26 20:18 - 2013-06-01 01:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-07-26 20:18 - 2013-06-01 01:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-07-26 20:18 - 2013-06-01 01:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-07-26 20:18 - 2013-06-01 01:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-07-26 20:18 - 2013-06-01 01:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2013-07-26 20:18 - 2013-05-31 19:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-07-26 20:18 - 2013-05-24 14:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-07-26 20:18 - 2013-05-24 14:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-07-26 20:18 - 2013-05-24 14:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-07-26 20:18 - 2013-05-24 14:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-07-26 20:18 - 2013-05-19 16:08 - 00386642 _____ C:\Windows\System32\ApnDatabase.xml
2013-07-26 20:17 - 2013-06-16 14:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-07-26 20:03 - 2013-07-26 20:03 - 00000489 _____ C:\Users\Jacob\Desktop\aswMBR.txt
2013-07-26 19:56 - 2013-07-26 19:58 - 04745728 _____ (AVAST Software) C:\Users\Jacob\Downloads\aswMBR.exe
2013-07-26 19:51 - 2013-07-26 19:53 - 00000000 ____D C:\Windows\System32\appmgmt
2013-07-25 20:49 - 2013-07-25 20:49 - 00000000 ____D C:\FRST
2013-07-25 16:35 - 2013-07-25 16:35 - 03416108 _____ C:\Users\Jacob\Downloads\A Fight Song.wav
2013-07-21 20:15 - 2013-07-21 20:16 - 05251116 _____ C:\Users\Jacob\Downloads\20130721_135835.wav
2013-07-21 20:14 - 2013-07-21 20:14 - 00852012 _____ C:\Users\Jacob\Downloads\20130721_185336.wav
2013-07-21 20:13 - 2013-07-21 20:13 - 02981932 _____ C:\Users\Jacob\Downloads\20130514_203736.wav
2013-07-20 20:57 - 2013-07-20 20:58 - 00000000 ____D C:\Users\Jacob\Downloads\Troy Stetina - Speed Mechanics for Lead guitar
2013-07-20 10:13 - 2013-07-20 10:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL (1).exe
2013-07-17 18:24 - 2013-07-17 18:25 - 08273964 _____ C:\Users\Jacob\Downloads\Strike the Ground P1.wav
2013-07-16 21:37 - 2013-07-16 21:37 - 06807596 _____ C:\Users\Jacob\Downloads\Song2.wav
2013-07-16 20:48 - 2013-07-16 20:49 - 08560684 _____ C:\Users\Jacob\Downloads\Song1.wav
2013-07-14 17:05 - 2013-07-14 17:06 - 00262144 _____ C:\Windows\Minidump\071413-76328-01.dmp
2013-07-14 17:05 - 2013-07-14 17:05 - 00520416 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-13 22:58 - 2013-05-30 15:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-13 22:56 - 2013-06-01 01:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 22:56 - 2013-06-01 01:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-13 22:56 - 2013-04-11 14:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 22:56 - 2013-04-11 14:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 22:55 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 22:55 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 22:55 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-13 22:55 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-13 22:55 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-13 22:55 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-13 22:54 - 2013-05-03 22:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-13 22:54 - 2013-05-03 20:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-13 20:13 - 2013-07-13 20:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL.exe
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
116

==================== One Month Modified Files and Folders =======

2013-08-07 20:35 - 2012-12-16 01:44 - 00000000 ____D C:\Users\Jacob\AppData\Local\Pokki
2013-08-07 20:29 - 2013-08-07 20:29 - 00000000 ____D C:\avast! sandbox
2013-08-07 20:27 - 2013-01-27 18:05 - 00000564 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2013-08-07 20:26 - 2013-06-15 19:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-07 20:25 - 2013-01-01 21:26 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 20:25 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-07 20:15 - 2012-12-16 01:24 - 00000000 ____D C:\Program Files\PeerBlock
2013-08-07 20:15 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-08-06 22:48 - 2013-01-01 21:26 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-06 22:25 - 2012-12-16 03:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-06 22:14 - 2013-06-01 09:39 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\vlc
2013-08-06 22:03 - 2012-12-16 00:59 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\uTorrent
2013-08-06 22:02 - 2013-08-06 20:15 - 1465889464 ____R C:\Users\Jacob\Downloads\Zen of Screaming 2-DVDRip-marchindeed.avi
2013-08-06 22:02 - 2013-06-07 19:21 - 00000282 _____ C:\Windows\Tasks\TopArcadeHits.job
2013-08-06 21:34 - 2013-08-06 20:15 - 00000000 ____D C:\Users\Jacob\Downloads\Zen Of Screaming
2013-08-05 21:37 - 2013-03-31 18:25 - 01308769 _____ C:\Windows\WindowsUpdate.log
2013-08-05 19:25 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-08-05 19:03 - 2012-07-25 23:28 - 00848230 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-05 19:01 - 2013-07-28 20:44 - 00000000 ___RD C:\Users\Jacob\Desktop\TAKE THE HILL
2013-08-05 19:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-05 18:56 - 2013-08-05 18:50 - 00000000 ____D C:\Program Files (x86)\Monkey's Audio
2013-08-05 18:50 - 2013-08-05 18:50 - 01122101 _____ ( ) C:\Users\Jacob\Downloads\MAC_410.exe
2013-08-04 11:39 - 2013-08-04 11:27 - 00002739 _____ C:\Users\Jacob\Downloads\Search.txt
2013-08-04 11:25 - 2013-08-04 11:25 - 01781485 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe
2013-08-04 00:02 - 2013-07-27 20:55 - 00000000 ____D C:\Users\Jacob\Desktop\geekstogo
2013-08-03 23:57 - 2013-01-10 16:50 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-03 23:55 - 2013-08-03 23:55 - 01376768 _____ C:\Users\Jacob\Downloads\7z920-x64.msi
2013-08-03 12:51 - 2012-12-16 01:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-03 08:06 - 2012-12-16 03:55 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\TakeOwnershipEx
2013-08-02 21:15 - 2012-12-16 00:22 - 00419840 ___SH C:\Users\Jacob\Desktop\Thumbs.db
2013-08-02 21:15 - 2012-09-09 16:24 - 00063488 ___SH C:\Users\Jacob\Downloads\Thumbs.db
2013-08-01 16:52 - 2013-01-01 21:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-31 23:16 - 2013-07-31 23:16 - 01844196 _____ C:\Users\Jacob\Downloads\My recording #76.wav
2013-07-31 22:01 - 2013-07-31 22:01 - 01844196 _____ C:\Users\Jacob\Desktop\My recording #76.wav
2013-07-31 20:51 - 2012-12-16 01:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-31 19:16 - 2013-07-31 19:16 - 00002099 _____ C:\Users\Jacob\Desktop\FSS.txt
2013-07-31 19:15 - 2013-07-31 19:15 - 00357145 _____ (Farbar) C:\Users\Jacob\Desktop\FSS.exe
2013-07-31 18:53 - 2013-07-31 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-31 18:16 - 2013-07-31 18:15 - 00038284 _____ C:\Users\Jacob\Desktop\FRST.txt
2013-07-31 18:15 - 2013-07-31 18:15 - 00027769 _____ C:\Users\Jacob\Desktop\Addition.txt
2013-07-31 17:47 - 2013-07-31 17:47 - 01781589 _____ (Farbar) C:\Users\Jacob\Desktop\FRST64.exe
2013-07-29 17:54 - 2013-07-29 17:53 - 00001166 _____ C:\AdwCleaner[S6].txt
2013-07-29 17:17 - 2013-07-28 12:38 - 00002322 _____ C:\Users\Jacob\Desktop\Rkill.txt
2013-07-29 17:10 - 2012-12-16 00:03 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2234159068-2688919450-3802922479-1000
2013-07-29 16:53 - 2013-07-29 16:52 - 00001105 _____ C:\AdwCleaner[S5].txt
2013-07-29 16:49 - 2013-07-29 16:49 - 00002545 _____ C:\Users\Jacob\Desktop\JRT.txt
2013-07-28 15:49 - 2013-07-28 15:48 - 00001034 _____ C:\AdwCleaner[S4].txt
2013-07-28 12:38 - 2013-07-28 12:38 - 00000000 ____D C:\Users\Jacob\Desktop\rkill
2013-07-27 22:40 - 2012-12-16 01:37 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\R-Wipe&Clean
2013-07-27 21:38 - 2013-07-27 21:37 - 00000975 _____ C:\AdwCleaner[S3].txt
2013-07-27 21:26 - 2013-07-27 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-07-27 21:18 - 2012-12-15 23:39 - 00041734 _____ C:\Windows\PFRO.log
2013-07-27 20:52 - 2013-07-27 20:51 - 00001038 _____ C:\AdwCleaner[S2].txt
2013-07-26 23:13 - 2013-04-13 17:25 - 00001314 _____ C:\Users\Jacob\Desktop\Inland Empire (2006) - Shortcut.lnk
2013-07-26 20:03 - 2013-07-26 20:03 - 00000489 _____ C:\Users\Jacob\Desktop\aswMBR.txt
2013-07-26 19:58 - 2013-07-26 19:56 - 04745728 _____ (AVAST Software) C:\Users\Jacob\Downloads\aswMBR.exe
2013-07-26 19:57 - 2011-05-28 22:11 - 00000000 ___RD C:\Users\Jacob\Virtual Machines
2013-07-26 19:53 - 2013-07-26 19:51 - 00000000 ____D C:\Windows\System32\appmgmt
2013-07-26 19:52 - 2013-05-12 11:08 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\BSplayer
2013-07-26 19:52 - 2013-05-12 11:08 - 00000000 ____D C:\Program Files (x86)\Webteh
2013-07-26 19:44 - 2013-01-26 19:07 - 00000000 ____D C:\ProgramData\MFAData
2013-07-26 19:42 - 2012-07-26 00:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-25 20:49 - 2013-07-25 20:49 - 00000000 ____D C:\FRST
2013-07-25 20:48 - 2010-09-02 12:02 - 00000000 __SHD C:\Recovery
2013-07-25 16:35 - 2013-07-25 16:35 - 03416108 _____ C:\Users\Jacob\Downloads\A Fight Song.wav
2013-07-21 21:43 - 2013-04-13 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-21 20:16 - 2013-07-21 20:15 - 05251116 _____ C:\Users\Jacob\Downloads\20130721_135835.wav
2013-07-21 20:14 - 2013-07-21 20:14 - 00852012 _____ C:\Users\Jacob\Downloads\20130721_185336.wav
2013-07-21 20:13 - 2013-07-21 20:13 - 02981932 _____ C:\Users\Jacob\Downloads\20130514_203736.wav
2013-07-20 20:58 - 2013-07-20 20:57 - 00000000 ____D C:\Users\Jacob\Downloads\Troy Stetina - Speed Mechanics for Lead guitar
2013-07-20 10:13 - 2013-07-20 10:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL (1).exe
2013-07-19 21:09 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-07-17 18:25 - 2013-07-17 18:24 - 08273964 _____ C:\Users\Jacob\Downloads\Strike the Ground P1.wav
2013-07-16 21:37 - 2013-07-16 21:37 - 06807596 _____ C:\Users\Jacob\Downloads\Song2.wav
2013-07-16 20:49 - 2013-07-16 20:48 - 08560684 _____ C:\Users\Jacob\Downloads\Song1.wav
2013-07-14 17:06 - 2013-07-14 17:05 - 00262144 _____ C:\Windows\Minidump\071413-76328-01.dmp
2013-07-14 17:05 - 2013-07-14 17:05 - 00520416 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-14 17:05 - 2013-07-01 17:18 - 00000000 ____D C:\Windows\Minidump
2013-07-14 17:05 - 2013-07-01 17:17 - 564690292 _____ C:\Windows\MEMORY.DMP
2013-07-14 12:13 - 2012-07-25 23:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 12:13 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\oobe
2013-07-13 20:13 - 2013-07-13 20:13 - 00602112 _____ (OldTimer Tools) C:\Users\Jacob\Downloads\OTL.exe
2013-07-12 19:43 - 2013-01-01 21:26 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 19:43 - 2013-01-01 21:26 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-10 21:19 - 2012-07-25 21:37 - 00000000 ____D C:\Windows\servicing
2013-07-10 17:54 - 2012-12-16 03:22 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-10 17:53 - 2012-12-16 11:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 17:48 - 2013-07-10 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-09 20:15 - 2013-07-09 20:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-09 20:08 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-09 20:08 - 2012-07-25 21:26 - 00000167 _____ C:\Windows\win.ini

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-07-26 19:41:15
Restore point made on: 2013-08-03 23:57:33

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3892.52 MB
Available physical RAM: 3188.18 MB
Total Pagefile: 3892.52 MB
Available Pagefile: 3195.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:52.89 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Removable) (Total:14.9 GB) (Free:13.54 GB) FAT32 (Disk=1 Partition=1)
Drive f: (MetalEdge 9-07) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 72284663)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-07-31 00:00

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2013
Ran by Jacob at 2013-08-07 21:34:12
Running from E:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================


µTorrent (x32 Version: 3.2.3.28705)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
7-Zip 9.22beta (x32)
Accelerometer (x32 Version: 1.06.08.17)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Akamai NetSession Interface (HKCU)
AutoCAD MEP 2013 Language Pack - English (Version: 7.0.50.0)
Autodesk Content Service (x32 Version: 3.0.84.0)
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82)
Autodesk Download Manager (x32 Version: 2.0.6.0)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Material Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bullzip PDF Printer 9.5.0.1579 (Version: 9.5.0.1579)
Canon IJ Network Scanner Selector EX (x32)
Canon IJ Network Tool (x32 Version: 3.1.1)
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual (x32)
Canon MP Navigator EX 5.0 (x32)
Canon Quick Menu (x32 Version: 2.1.0)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell System Detect (HKCU Version: 3.3.2.1)
getsav-in (x32 Version: 1.1368387917)
Google Chrome (x32 Version: 28.0.1500.95)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.153)
IDT Audio (x32 Version: 1.0.6267.0)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MATLAB R2012b (Version: 8.0)
Microsoft Office 2003 Web Components (x32 Version: 12.0.6213.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32)
Monkey's Audio (x32)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MPC-HC 1.6.7.7114 (9eb64ec) (x32 Version: 1.6.7.7114)
oCAD MEP 2013 - English (Version: 7.0.50.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Pokki (HKCU Version: 0.263.13.319)
Pokki Download Helper (HKCU Version: 1.3.1.282)
R-Wipe&Clean 9.8 (x32)
Secure Download Manager (x32 Version: 3.1.0)
Skype Click to Call (x32 Version: 6.10.13089)
Skype™ 6.3 (x32 Version: 6.3.105)
SolidWorks 2011 x64 Edition SP05 (Version: 19.150.91)
SolidWorks 2011 x64 Edition SP05 (x32 Version: 19.5.0.91)
SolidWorks eDrawings 2011 x64 Edition SP05 (Version: 11.5.111)
SolidWorks Flow Simulation 2011 SP05 x64 Edition (Version: 19.50.92)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
TakeOwnershipEx (x32 Version: 1.2.0.1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Updater By SweetPacks 2.0.0.586 (Version: 2.0.0.586)
VIO Player version 1.0.1 (x32 Version: 1.0.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (x32 Version: 2.0.6)
WAV To MP3 Converter version 1.0 r1 (x32 Version: 1.0 r1)
Windows 7 Codec Pack 4.0.6 (x32 Version: 4.0.6)
WModem Driver Installer (x32 Version: 2.0.6.13)

==================== Restore Points =========================

27-07-2013 03:40:36 Removed AVG 2013
04-08-2013 07:56:53 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {1442481C-EE64-40D7-97CE-4CB42ED1EE1F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2234159068-2688919450-3802922479-1000
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {360EC3E3-F2EB-404E-9EBD-251F6EF52084} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {491B4BCC-39A6-49C4-B411-D62377D6CDBB} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {4A4AEA56-A18A-4A1E-B3AC-1E7B1139DD1B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)
Task: {698A3C79-018A-4D9F-AE56-C79748C530BA} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {6A40AE5A-8526-4528-8C46-93B14508A0CC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-25] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-19] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7F946EF2-334B-444E-A015-3BDDD1956036} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {92D81485-8C00-4063-B8C8-1168F8C60DEB} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9823366E-A2FC-4B74-8B62-47A3AC88E747} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A050D47B-FC50-4C8A-83AC-B596C7151081} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {A551438B-D725-4414-80AE-DBCC115E6583} - System32\Tasks\TopArcadeHits => C:\Users\Jacob\AppData\Local\TopArcadeHits\updater.exe No File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A91A6B2C-CC3D-4DB8-B1B4-9A4156435503} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AFAD0A85-71A8-4C81-9218-EA1CD51DE937} - System32\Tasks\Shutdown => C:\Windows\System32\shutdown.exe [2012-07-25] (Microsoft Corporation)
Task: {B0D2C0D6-D89A-41B6-A238-8BF418D91922} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1776531-15E3-449C-A47C-1EC1738C6F94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\WINDOWS\Tasks\TopArcadeHits.job => C:\Users\Jacob\AppData\Local\TopArcadeHits\updater.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ST Micro Accelerometer
Description: ST Micro Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ST Microelectronics
Service: Acceler
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/05/2013 08:04:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/03/2013 02:02:39 PM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.6129.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 126c

Start Time: 01ce908c9740e9dd

Termination Time: 9

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: 01669187-fc80-11e2-bf20-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/03/2013 02:01:04 PM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.6129.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1388

Start Time: 01ce908c346bd728

Termination Time: 8

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: c5f99c5c-fc7f-11e2-bf20-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/03/2013 01:48:11 PM) (Source: COM) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\Google\Update\GoogleUpdate.exeUnavailableUnavailableS-1-5-18UnavailableUnavailable

Error: (08/03/2013 01:40:18 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14b0

Start Time: 01ce90633e38a741

Termination Time: 180

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e2b4914f-fc7c-11e2-bf1f-b8ac6f6c93ca

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2013 02:07:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/01/2013 05:35:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jacob-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/29/2013 07:04:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1771, time stamp: 0x5147644e
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x00051f81
Faulting process id: 0x10fc
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3
Faulting package full name: aswMBR.exe4
Faulting package-relative application ID: aswMBR.exe5

Error: (07/29/2013 05:25:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.16604, time stamp: 0x5184a60b
Exception code: 0xc0000005
Fault offset: 0x00000000000a812a
Faulting process id: 0x7bc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (07/28/2013 10:43:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1771, time stamp: 0x5147644e
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x00051f81
Faulting process id: 0xcf4
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3
Faulting package full name: aswMBR.exe4
Faulting package-relative application ID: aswMBR.exe5


System errors:
=============
Error: (08/07/2013 09:24:45 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/07/2013 09:24:38 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/07/2013 09:15:07 PM) (Source: DCOM) (User: Jacob-PC)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (08/06/2013 05:44:43 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:44:37 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/06/2013 05:30:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:30:25 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/06/2013 05:22:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys

Error: (08/06/2013 05:22:24 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/05/2013 08:56:55 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\drivers\Acceler.sys


Microsoft Office Sessions:
=========================
Error: (08/05/2013 08:04:03 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (08/03/2013 02:02:39 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.6129.5000126c01ce908c9740e9dd9C:\Program Files\Microsoft Office\Office14\WINWORD.EXE01669187-fc80-11e2-bf20-b8ac6f6c93ca

Error: (08/03/2013 02:01:04 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.6129.5000138801ce908c346bd7288C:\Program Files\Microsoft Office\Office14\WINWORD.EXEc5f99c5c-fc7f-11e2-bf20-b8ac6f6c93ca

Error: (08/03/2013 01:48:11 PM) (Source: COM)(User: NT AUTHORITY)
Description: C:\Program Files (x86)\Google\Update\GoogleUpdate.exeUnavailableUnavailableS-1-5-18UnavailableUnavailable

Error: (08/03/2013 01:40:18 PM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.491714b001ce90633e38a741180C:\Program Files (x86)\Mozilla Firefox\firefox.exee2b4914f-fc7c-11e2-bf1f-b8ac6f6c93ca

Error: (08/02/2013 02:07:39 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (08/01/2013 05:35:47 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Jacob-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (07/29/2013 07:04:35 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f8110fc01ce8cc8fbda4512C:\Users\Jacob\Downloads\aswMBR.exeC:\WINDOWS\SYSTEM32\ntdll.dll618c6493-f8bc-11e2-bf1a-b8ac6f6c93ca

Error: (07/29/2013 05:25:53 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.166045184a60bc000000500000000000a812a7bc01ce8cbb4839e4f2C:\WINDOWS\Explorer.EXEC:\Windows\System32\twinui.dll97aba14a-f8ae-11e2-bf18-b8ac6f6c93ca

Error: (07/28/2013 10:43:10 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f81cf401ce8c1e5af4f2deC:\Users\Jacob\Downloads\aswMBR.exeC:\WINDOWS\SYSTEM32\ntdll.dllc01bb104-f811-11e2-bf17-b8ac6f6c93ca


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3892.52 MB
Available physical RAM: 2365.02 MB
Total Pagefile: 7860.52 MB
Available Pagefile: 6348.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:52.89 GB) NTFS (Disk=0 Partition=2)
Drive d: (MetalEdge 9-07) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:14.9 GB) (Free:13.54 GB) FAT32 (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 72284663)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
  • 0

#28
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
When run in the Recovery environment, no addition.txt is produced.

  • Go to here
  • Click the download button under Kaspersky Security Scan
  • Download and run the file
  • It will start to download the Kaspersky Security Scan program data
  • Once downloaded the installer will begin
  • Click Next
  • Accept the License Agreement
  • Click Install
  • The program will now install
  • Click Finish
  • Kaspersky Security Scan will now start

  • Click the Full Scan button

  • The scan will take about an hour or two depending on the amount of data on your hard drive
  • If the scan detects problems it will open a Problems found window
  • Click Details to generate a scan results report

  • Once the scan is complete do the following:
    • For XP: Navigate to C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot
      For Vista/7: Navigate to C:\ProgramData\Kaspersky Lab\KSS2\DataRoot
    • Right-click on the HtmlReport folder --> Click Send to --> Click Compressed (zipped) folder
    • Attach the HtmlReport zipped folder to your next post
  • You can now close Kaspersky Security Scan

  • 0

#29
hank_venture

hank_venture

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hello... I have been running Kaspersky since this morning; the scan is at 55% due to the large hard drive. I will post results as soon as it is done! Thanks.
  • 0

#30
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
:thumbsup:
  • 0





