Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 7/22/2014 5:38:11 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 7/22/2014 5:38:13 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.22.11,
Update, 7/22/2014 5:51:23 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 7/22/2014 5:51:25 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.22.11,
Update, 7/22/2014 6:02:26 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 7/22/2014 6:02:28 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.22.11,
Update, 7/22/2014 6:08:26 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 7/22/2014 6:08:28 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.22.11,
Update, 7/22/2014 6:25:09 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 7/22/2014 6:25:11 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.22.11,
Update, 7/22/2014 6:26:11 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 0.0.0.0, 2014.7.17.1,
Update, 7/22/2014 6:26:12 PM, SYSTEM, KOOSK-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
Update, 7/22/2014 6:26:13 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 0.0.0.0, 2014.7.22.11,
Update, 7/22/2014 6:26:23 PM, SYSTEM, KOOSK-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
Update, 7/22/2014 6:26:24 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 0.0.0.0, 2014.7.17.1,
Update, 7/22/2014 6:26:24 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 0.0.0.0, 2014.7.22.11,
Update, 7/22/2014 7:30:53 PM, SYSTEM, KOOSK-PC, Manual, Rootkit Database, 0.0.0.0, 2014.7.17.1,
Update, 7/22/2014 7:30:56 PM, SYSTEM, KOOSK-PC, Manual, Malware Database, 0.0.0.0, 2014.7.22.11,
Update, 7/22/2014 7:30:57 PM, SYSTEM, KOOSK-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
(end)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by koosk (administrator) on KOOSK-PC on 23-07-2014 00:55:03
Running from C:\Users\koosk\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Mal (the data entry has 24 more characters).
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1128992775-539344384-568557328-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1128992775-539344384-568557328-1001\...\MountPoints2: {18150d24-aa4e-11df-ae92-806e6f6e6963} - D:\autorun/CDExtra.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @ptc.com/ProductViewLite - C:\Program Files\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========================== Services (Whitelisted) =================
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
R0 amacpi; C:\Windows\System32\DRIVERS\null.sys [4608 2009-07-13] (Microsoft Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-22] (Malwarebytes Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-28] (Riverbed Technology, Inc.)
S0 bgqwlcbv; System32\drivers\thsqyxql.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; No ImagePath
S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-23 00:55 - 2014-07-23 00:55 - 00005204 _____ () C:\Users\koosk\Downloads\FRST.txt
2014-07-23 00:53 - 2014-07-23 00:53 - 00151288 _____ () C:\Windows\Minidump\072314-31325-01.dmp
2014-07-23 00:47 - 2014-07-23 00:47 - 00151096 _____ () C:\Windows\Minidump\072314-45770-01.dmp
2014-07-22 20:01 - 2014-07-22 20:02 - 00000000 ____D () C:\Users\koosk\Desktop\ad_fix_jrt200713
2014-07-22 19:58 - 2014-07-22 19:59 - 00150856 _____ () C:\Windows\Minidump\072214-38407-01.dmp
2014-07-22 18:54 - 2014-07-22 18:54 - 00151992 _____ () C:\Windows\Minidump\072214-20576-01.dmp
2014-07-22 18:52 - 2014-07-22 18:52 - 00006768 ____N () C:\bootsqm.dat
2014-07-22 18:01 - 2014-07-22 18:23 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 18:01 - 2014-07-22 17:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\koosk\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-22 17:51 - 2014-07-22 19:31 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 17:50 - 2014-07-22 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 17:50 - 2014-07-22 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-22 17:50 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 17:50 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 17:50 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-22 17:35 - 2014-07-22 17:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\koosk\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 17:20 - 2014-07-22 17:20 - 00151704 _____ () C:\Windows\Minidump\072214-16567-01.dmp
2014-07-22 06:29 - 2014-07-22 06:29 - 00131072 _____ () C:\Windows\Minidump\072214-17846-01.dmp
2014-07-21 23:03 - 2014-07-21 23:03 - 00000000 ____D () C:\Windows\rescache
2014-07-21 21:49 - 2014-07-21 21:49 - 01016261 _____ (Thisisu) C:\Users\koosk\Downloads\JRT.exe
2014-07-21 21:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-21 21:40 - 2014-07-21 21:44 - 00000000 ____D () C:\AdwCleaner
2014-07-21 21:40 - 2014-07-21 21:40 - 01354223 _____ () C:\Users\koosk\Downloads\AdwCleaner.exe
2014-07-21 18:06 - 2014-07-21 18:06 - 00151096 _____ () C:\Windows\Minidump\072114-23431-01.dmp
2014-07-20 15:45 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-20 15:45 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-20 15:45 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-20 15:45 - 2014-06-18 18:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-20 15:45 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-20 15:45 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-20 15:45 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-20 15:45 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-20 15:45 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-20 15:45 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-20 15:45 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-20 15:45 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-20 15:45 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-20 15:45 - 2014-06-18 18:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-20 15:45 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-20 15:45 - 2014-06-18 18:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-20 15:45 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-20 15:45 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-20 15:45 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-20 15:45 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-20 15:45 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-20 15:45 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-20 15:45 - 2014-06-18 17:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-20 15:45 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-20 15:45 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-20 15:45 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-20 15:45 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-20 15:45 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-20 15:45 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-20 15:45 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-20 12:57 - 2014-07-20 12:57 - 01080320 _____ (Farbar) C:\Users\koosk\Downloads\FRST.exe
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Users\koosk\Downloads\FRST-OlderVersion
2014-07-19 21:42 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-19 21:42 - 2014-06-17 19:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-19 21:37 - 2014-07-19 21:37 - 00000000 ____D () C:\Windows\CheckSur
2014-07-19 20:43 - 2014-07-19 21:01 - 00025396 _____ () C:\Users\koosk\Downloads\Addition.txt
2014-07-19 20:25 - 2014-07-23 00:55 - 00000000 ____D () C:\FRST
2014-07-18 19:28 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-18 19:27 - 2014-05-30 01:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-18 19:23 - 2014-06-29 20:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-18 19:23 - 2014-06-29 20:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-18 19:23 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-18 19:21 - 2014-06-05 09:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-18 17:06 - 2014-07-18 17:06 - 00151496 _____ () C:\Windows\Minidump\071814-19624-01.dmp
2014-07-18 07:46 - 2014-07-18 07:46 - 00151096 _____ () C:\Windows\Minidump\071814-26161-01.dmp
2014-07-18 06:58 - 2014-07-18 06:58 - 00152736 _____ () C:\Windows\Minidump\071814-27658-01.dmp
2014-07-17 19:10 - 2014-07-17 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-17 19:09 - 2014-07-17 19:10 - 00000000 ____D () C:\Program Files\iPod
2014-07-17 19:09 - 2014-07-17 19:09 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-17 19:00 - 2014-07-17 19:00 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-17 18:39 - 2014-07-17 18:39 - 00140096 _____ () C:\Windows\Minidump\071714-21606-01.dmp
2014-07-17 18:37 - 2014-07-17 18:38 - 00152056 _____ () C:\Windows\Minidump\071714-30139-01.dmp
2014-07-17 17:16 - 2014-07-17 17:16 - 04755832 _____ (AVG Technologies) C:\Users\koosk\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-17 16:55 - 2014-07-23 00:52 - 183050326 _____ () C:\Windows\MEMORY.DMP
2014-07-17 16:55 - 2014-07-17 16:55 - 00151096 _____ () C:\Windows\Minidump\071714-33384-01.dmp
2014-07-15 20:24 - 2014-07-17 18:52 - 00000000 __SHD () C:\found.003
2014-07-15 19:13 - 2014-07-17 18:52 - 00000000 __SHD () C:\found.002
2014-07-15 06:04 - 2014-07-15 06:04 - 00000000 __SHD () C:\found.001
2014-07-15 04:37 - 2014-07-15 05:15 - 00000000 __SHD () C:\found.000
2014-07-09 08:57 - 2014-07-09 09:57 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-06-27 17:38 - 2014-06-27 17:38 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-27 17:36 - 2014-07-17 19:10 - 00000000 ____D () C:\Program Files\iTunes
==================== One Month Modified Files and Folders =======
2014-07-23 00:55 - 2014-07-23 00:55 - 00005204 _____ () C:\Users\koosk\Downloads\FRST.txt
2014-07-23 00:55 - 2014-07-19 20:25 - 00000000 ____D () C:\FRST
2014-07-23 00:53 - 2014-07-23 00:53 - 00151288 _____ () C:\Windows\Minidump\072314-31325-01.dmp
2014-07-23 00:53 - 2011-06-18 10:44 - 00000000 ____D () C:\Windows\Minidump
2014-07-23 00:52 - 2014-07-17 16:55 - 183050326 _____ () C:\Windows\MEMORY.DMP
2014-07-23 00:48 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-23 00:47 - 2014-07-23 00:47 - 00151096 _____ () C:\Windows\Minidump\072314-45770-01.dmp
2014-07-23 00:47 - 2013-08-23 03:13 - 00005956 _____ () C:\Windows\setupact.log
2014-07-23 00:47 - 2011-02-12 11:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-22 20:02 - 2014-07-22 20:01 - 00000000 ____D () C:\Users\koosk\Desktop\ad_fix_jrt200713
2014-07-22 19:59 - 2014-07-22 19:58 - 00150856 _____ () C:\Windows\Minidump\072214-38407-01.dmp
2014-07-22 19:58 - 2010-08-25 14:51 - 00389574 _____ () C:\Windows\PFRO.log
2014-07-22 19:55 - 2010-08-17 17:26 - 01532326 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 19:54 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Resources
2014-07-22 19:33 - 2009-07-13 23:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 19:33 - 2009-07-13 23:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 19:31 - 2014-07-22 17:51 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 18:54 - 2014-07-22 18:54 - 00151992 _____ () C:\Windows\Minidump\072214-20576-01.dmp
2014-07-22 18:52 - 2014-07-22 18:52 - 00006768 ____N () C:\bootsqm.dat
2014-07-22 18:23 - 2014-07-22 18:01 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 18:23 - 2014-07-22 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 18:23 - 2014-07-22 17:50 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-22 17:57 - 2012-04-02 18:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 17:51 - 2014-07-22 18:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\koosk\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-22 17:51 - 2014-07-22 17:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\koosk\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 17:36 - 2010-10-16 15:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 17:20 - 2014-07-22 17:20 - 00151704 _____ () C:\Windows\Minidump\072214-16567-01.dmp
2014-07-22 06:29 - 2014-07-22 06:29 - 00131072 _____ () C:\Windows\Minidump\072214-17846-01.dmp
2014-07-22 02:35 - 2009-07-13 23:53 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-21 23:03 - 2014-07-21 23:03 - 00000000 ____D () C:\Windows\rescache
2014-07-21 21:49 - 2014-07-21 21:49 - 01016261 _____ (Thisisu) C:\Users\koosk\Downloads\JRT.exe
2014-07-21 21:44 - 2014-07-21 21:40 - 00000000 ____D () C:\AdwCleaner
2014-07-21 21:40 - 2014-07-21 21:40 - 01354223 _____ () C:\Users\koosk\Downloads\AdwCleaner.exe
2014-07-21 18:06 - 2014-07-21 18:06 - 00151096 _____ () C:\Windows\Minidump\072114-23431-01.dmp
2014-07-20 17:44 - 2010-08-17 13:43 - 00000000 ____D () C:\Users\koosk
2014-07-20 17:39 - 2010-08-17 13:52 - 00797890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 12:57 - 2014-07-20 12:57 - 01080320 _____ (Farbar) C:\Users\koosk\Downloads\FRST.exe
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Users\koosk\Downloads\FRST-OlderVersion
2014-07-20 12:39 - 2009-07-13 23:33 - 00377824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:37 - 2014-07-19 21:37 - 00000000 ____D () C:\Windows\CheckSur
2014-07-19 21:01 - 2014-07-19 20:43 - 00025396 _____ () C:\Users\koosk\Downloads\Addition.txt
2014-07-19 03:21 - 2014-05-06 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-19 03:21 - 2009-07-14 02:49 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-18 22:41 - 2011-12-23 00:50 - 00000000 ____D () C:\Bovada
2014-07-18 17:06 - 2014-07-18 17:06 - 00151496 _____ () C:\Windows\Minidump\071814-19624-01.dmp
2014-07-18 07:46 - 2014-07-18 07:46 - 00151096 _____ () C:\Windows\Minidump\071814-26161-01.dmp
2014-07-18 06:58 - 2014-07-18 06:58 - 00152736 _____ () C:\Windows\Minidump\071814-27658-01.dmp
2014-07-17 19:10 - 2014-07-17 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-17 19:10 - 2014-07-17 19:09 - 00000000 ____D () C:\Program Files\iPod
2014-07-17 19:10 - 2014-06-27 17:36 - 00000000 ____D () C:\Program Files\iTunes
2014-07-17 19:09 - 2014-07-17 19:09 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-17 19:09 - 2010-08-17 16:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-17 19:00 - 2014-07-17 19:00 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-17 18:52 - 2014-07-15 20:24 - 00000000 __SHD () C:\found.003
2014-07-17 18:52 - 2014-07-15 19:13 - 00000000 __SHD () C:\found.002
2014-07-17 18:52 - 2011-03-23 19:11 - 00000000 ____D () C:\Program Files\Steam
2014-07-17 18:46 - 2011-03-23 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-17 18:39 - 2014-07-17 18:39 - 00140096 _____ () C:\Windows\Minidump\071714-21606-01.dmp
2014-07-17 18:38 - 2014-07-17 18:37 - 00152056 _____ () C:\Windows\Minidump\071714-30139-01.dmp
2014-07-17 17:16 - 2014-07-17 17:16 - 04755832 _____ (AVG Technologies) C:\Users\koosk\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-07-17 16:55 - 2014-07-17 16:55 - 00151096 _____ () C:\Windows\Minidump\071714-33384-01.dmp
2014-07-16 20:10 - 2010-08-19 14:35 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-07-16 20:06 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-07-16 19:54 - 2010-12-18 23:25 - 00000000 ____D () C:\Users\koosk\AppData\Local\Western_Digital
2014-07-16 19:54 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-16 19:53 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
2014-07-15 06:04 - 2014-07-15 06:04 - 00000000 __SHD () C:\found.001
2014-07-15 05:15 - 2014-07-15 04:37 - 00000000 __SHD () C:\found.000
2014-07-10 03:06 - 2013-08-08 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 09:57 - 2014-07-09 08:57 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-07-09 09:57 - 2012-04-02 18:06 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 09:57 - 2011-06-04 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-29 20:40 - 2014-07-18 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 20:36 - 2014-07-18 19:23 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 17:38 - 2014-06-27 17:38 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
Some content of TEMP:
====================
C:\Users\koosk\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-18 08:24
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-07-2014
Ran by koosk at 2014-07-23 00:56:09
Running from C:\Users\koosk\Downloads
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe AIR (Version: 2.0.3.13070 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.5.4 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)
AML Free Registry Cleaner 4.7 (HKLM\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BovadaPoker (HKLM\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (Version: 8.0.50727.146 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver (Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Pro/ENGINEER Student Edition Release Wildfire 5.0 Datecode M040 (HKLM\...\Pro/ENGINEER Student Edition Release Wildfire 5.0 Datecode M040) (Version: Wildfire 5.0 - PTC)
Pro/ENGINEER Thumbnail Viewer 1.0 (HKLM\...\{D58D1297-B2FA-4C6F-B6D4-E1819368ED2E}) (Version: 28.10.100 - PTC)
ProductView Express 9.1 (HKLM\...\{EDEFC3A2-350F-45F1-AC8E-2B3A2D352235}) (Version: 9.1.40.14 - PTC)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
==================== Restore Points =========================
10-07-2014 08:00:29 Windows Update
16-07-2014 00:42:14 Windows Update
16-07-2014 01:01:57 Removed Steam
17-07-2014 00:33:06 Restore Operation
17-07-2014 23:46:14 Removed Steam
18-07-2014 00:00:13 AA11
18-07-2014 22:15:10 Restore Operation
19-07-2014 00:27:30 Windows Update
19-07-2014 08:00:31 Windows Update
20-07-2014 02:35:55 Windows Update
20-07-2014 12:55:47 Windows Update
21-07-2014 08:00:57 Windows Update
==================== Hosts content: ==========================
2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {047C8A40-BDE8-47DE-B0CF-683A00074A43} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {5AFF75CA-C372-4CA6-803F-790C13BBE756} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {64D6C05B-2971-47E9-A9D9-2DB123374EFF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F7A4D761-1310-43C2-B52C-2CF27EFF3E59} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^koosk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier =>
MSCONFIG\startupreg: InstallMon =>
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2014 07:16:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xf20
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:15:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xebc
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xe34
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xdc8
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:14:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xd4c
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:13:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xd00
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:13:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xc4c
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:12:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0xbf4
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:12:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0x8f8
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Error: (07/22/2014 07:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79505
Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda05
Exception code: 0xc0000005
Fault offset: 0x00038630
Faulting process id: 0x86c
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
System errors:
=============
Error: (07/23/2014 00:53:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:58 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (07/23/2014 00:53:58 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (07/23/2014 00:53:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (07/23/2014 00:53:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-07-16 19:34:35.131
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:34:34.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:34:34.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:34:34.148
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:34:33.290
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:33:58.767
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:30:44.141
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:30:43.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:30:43.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 19:30:43.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 1022.05 MB
Available physical RAM: 575.04 MB
Total Pagefile: 5117.05 MB
Available Pagefile: 4663.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.04 GB) (Free:26.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SEAN_KINGSTON) (CDROM) (Total:0.45 GB) (Free:0 GB) CDFS
Drive i: (STORE N GO) (Removable) (Total:7.46 GB) (Free:7.45 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 5D6A7BAF)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================