
Help, got a malware problem. popups, redirects.. lots of bad stuff


  • This topic is locked
25 replies to this topic

#1 scuzzo

Posted 16 May 2014 - 03:11 PM

I think I got a taste of a bad download.. something from a video player site.. has sunk its hooks into my system and now it redirects me to a site and asks me to download a bogus version of Java.. I have an ad blocker on Firefox and it shows adsdelivery1 being blocked.. I have been to this bleepingcomputer.com a few times over the years and it has helped greatly.. but it can't keep this monkey from hitting the wrong key once in a while... and here we are again.... and now the BIOS warning signal is popping off so.... I think there is something about to really run south on this machine.... please assist... help... willing to run all the testing procedures... but I cannot remember what they are or their order.... and perhaps things have changed since my last attack of cyber crud.... bit lost here need assistance.. again! help! ;(



#2 Machiavelli


Posted 16 May 2014 - 03:21 PM

Hello and welcome on board, scuzzo,

My name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

Removing Malware from a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Let's do a FRST Scan.

Please download FRST (by Farbar) from the link below and save it to your Desktop.
 

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8: please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#3 scuzzo


Posted 16 May 2014 - 05:54 PM

Ctrl+C and Ctrl+V is not working, I can do a cut and paste but the format is horrid... I will put this up there but it's unreadable..
(Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.) 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Acoustica Effects Pack (HKLM\...\Acoustica Effects Pack) (Version: 3.0 - Acoustica, Inc) Acoustica Mixcraft 5 (HKLM\...\Acoustica Mixcraft 5) (Version: - Acoustica) Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.) Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.) Chrome Remote Desktop Host (HKLM\...\{7027908B-573C-4C77-84D4-C488679BCD6F}) (Version: 35.0.1916.52 - Google Inc.) Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.4.11245.0 - Cisco Consumer Products LLC) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.24.7 - Google Inc.) 
Hidden Hard Disk Sentinel (HKLM\...\Hard Disk Sentinel_is1) (Version: - HDS) IK Multimedia Authorization Manager version 1.0.8 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.8 - IK Multimedia) Kaspersky Security Scan (HKLM\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab) Kaspersky Security Scan (Version: 12.0.1.340 - Kaspersky Lab) Hidden Line 6 Uninstaller (HKLM\...\Line 6 Uninstaller) (Version: - Line 6) Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL Inc.) 
Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MySQL Installer (HKLM\...\{15286120-DA10-4005-881C-EF9AAFFF586A}) (Version: 1.3.6.0 - Oracle Corporation) MySQL Server 5.6 (HKLM\...\{75DD19E9-BB93-4B9F-9077-FFA73306FC1B}) (Version: 5.6.17 - Oracle Corporation) Native Instruments Controller Editor (HKLM\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Controller Editor (Version: 1.5.1.1124 - Native Instruments) Hidden Native Instruments Guitar Rig 5 (HKLM\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (Version: 5.1.1.2673 - Native Instruments) Hidden Native Instruments Guitar Rig Mobile I/O (HKLM\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625 - Native 
Instruments) Hidden Native Instruments Guitar Rig Session I/O (HKLM\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625 - Native Instruments) Hidden Native Instruments Rig Kontrol 3 (HKLM\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments) Native Instruments Rig Kontrol 3 (Version: 3.0.0.625 - Native Instruments) Hidden Native Instruments Service Center (HKLM\...\Native Instruments Service Center) (Version: - Native Instruments) Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation) NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation) NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.125.816 - NVIDIA Corporation) Hidden NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Update 6.4.23 (Version: 6.4.23 - NVIDIA Corporation) Hidden NVIDIA Update Components (Version: 6.4.23 - NVIDIA Corporation) Hidden OpenOffice 4.0.0 (HKLM\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation) Opera Stable 21.0.1432.67 (HKLM\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA) PlayOn (HKLM\...\{0D18E5BD-EC13-41B3-B311-A74E4656174F}) (Version: 
3.8.0 - MediaMall Technologies, Inc.) Plex (HKCU\...\Plex) (Version: 0.9.504 - Plex, Inc) Plex Media Server (HKLM\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.) Plex Media Server (Version: 0.9.907 - Plex, Inc.) Hidden PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SixaxisPairTool 0.2.5 (HKLM\...\SixaxisPairTool_is1) (Version: 0.2.5 - Dancing Pixel Studios) Splashtop Software Updater (HKLM\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.) Splashtop Streamer (HKLM\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.5.4 - Splashtop Inc.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com) System Update kb77600 (HKLM\...\{79BB0733-58A2-486C-AA02-F9BAB929EFF8}) (Version: 1.0.0 - MSR) Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.) WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 02-04-2014 21:02:25 Windows Update 03-04-2014 08:00:10 Windows Update 06-04-2014 14:06:02 Windows Update 10-04-2014 08:00:13 Windows Update 11-04-2014 19:54:29 Revo Uninstaller's restore point - Caramava 11-04-2014 20:00:36 Revo Uninstaller's restore point - McAfee Security Scan Plus 11-04-2014 20:02:18 Revo Uninstaller's restore point - Yahoo! 
Toolbar 13-04-2014 13:20:15 Windows Update 15-04-2014 15:27:41 Revo Uninstaller's restore point - The Extractor 15-04-2014 15:32:27 Revo Uninstaller's restore point - Viewpoint Media Player 17-04-2014 16:52:18 Windows Update 22-04-2014 01:23:59 Windows Update 26-04-2014 01:22:19 Windows Update 28-04-2014 20:07:38 Installed MySQL Installer 28-04-2014 22:24:29 Installed MySQL Installer 28-04-2014 22:45:00 Installed MySQL Installer 28-04-2014 22:53:56 Installed MySQL Installer 28-04-2014 23:07:58 Installed MySQL Installer 28-04-2014 23:08:59 Installed MySQL Installer 30-04-2014 01:22:34 Windows Update 02-05-2014 08:00:11 Windows Update 05-05-2014 13:15:54 Windows Update 09-05-2014 12:25:11 Device Driver Package Install: Google, Inc. Android Device 09-05-2014 13:16:46 Windows Update 09-05-2014 13:28:52 Installed Akamai NetSession Interface 13-05-2014 13:15:13 Windows Update 14-05-2014 08:00:12 Windows Update ==================== Hosts content: ========================== 2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1B8820D6-E87A-43BE-B6B0-F85A02FEA1AE} - System32\Tasks\TopArcadeHits => C:\Users\Christopher L Karr\AppData\Local\TopArcadeHits\updater.exe Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {25797ED0-4DBF-44B4-A875-516075AC97D5} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation) Task: {4C12C22E-694F-4DE9-8E90-AB14DC936902} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program 
Files\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.) Task: {641192D9-8381-4A6C-9077-35A0F2809A7E} - System32\Tasks\FF Watcher {920CD43E-4CAA-4514-8994-72C34151B9FE} => C:\Program Files\V-bates\PrefHelper.exe Task: {80E43DBC-E768-4EE9-B44B-891FEA2C6560} - System32\Tasks\FF Watcher {5D09139E-4EDA-4100-88D0-BC2C5F7AE3B0} => C:\Program Files\V-bates\PrefHelper.exe Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries Task: {A845D690-657E-412E-B474-BCF482B35068} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Christopher_20L_20Karr => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [2013-07-11] (H.D.S. Hungary) Task: {B0445914-F6CF-4A28-BCCF-B462B91FF668} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {BE90D456-B752-49D2-B714-5385073B2918} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {CA69C6A4-F860-4334-8E36-2EF301EA9096} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {D2E29D2A-3171-4551-A8D3-D294020271FF} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {D67D8556-5B3A-4B41-A955-4165E2199E23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.) 
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2013-07-22] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FF Watcher {5D09139E-4EDA-4100-88D0-BC2C5F7AE3B0}.job => C:\Program Files\V-bates\PrefHelper.exe Task: C:\Windows\Tasks\FF Watcher {920CD43E-4CAA-4514-8994-72C34151B9FE}.job => C:\Program Files\V-bates\PrefHelper.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-07-22 16:09 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll 2013-07-22 16:09 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll 2013-03-05 20:25 - 2013-03-05 20:25 - 00335872 _____ () C:\Program Files\MediaMall\lua51a.dll 2013-10-30 10:15 - 2012-08-01 00:03 - 00017408 _____ () C:\Program Files\MediaMall\plugins\ParseUtilities.dll 2014-03-14 20:56 - 2014-03-14 20:56 - 10959360 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe 2014-03-27 13:29 - 2014-03-19 16:04 - 00017920 _____ () C:\Windows\Microsoft\System Update kb77600\WindowsUpdater.exe 2014-03-27 13:29 - 2014-03-19 16:04 - 00026112 _____ () C:\Windows\Microsoft\System Update kb77600\Installer.dll 2014-03-27 13:29 - 2014-05-16 17:24 - 00086528 _____ () C:\Program Files\MSR\Privoxy\mgwz.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files\Kaspersky Lab\Kaspersky 
Security Scan 2.0\QtDeclarative4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll 2014-03-12 19:57 - 2014-03-12 19:57 - 00073352 _____ () C:\Program Files\Plex\Plex Media Server\zlib.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00195720 _____ () C:\Program Files\Plex\Plex Media Server\libidn.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00840840 _____ () C:\Program Files\Plex\Plex Media Server\libxml2.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00051848 _____ () C:\Program Files\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00089224 _____ () C:\Program Files\Plex\Plex Media Server\soci_core-vc80-3_0.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 07605400 _____ () C:\Program Files\Plex\Plex Media Server\avcodec-54.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00202392 _____ () C:\Program Files\Plex\Plex Media Server\avutil-52.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 01453720 _____ () C:\Program Files\Plex\Plex Media Server\avformat-54.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00352920 _____ () C:\Program Files\Plex\Plex Media Server\swscale-2.dll 2014-03-12 19:57 - 2014-03-12 19:57 - 00507528 _____ () C:\Program Files\Plex\Plex Media Server\tag.dll 2014-03-12 19:57 - 2014-03-12 19:57 - 08495240 _____ () C:\Program Files\Plex\Plex Media Server\WebKit.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00952968 _____ () C:\Program Files\Plex\Plex Media Server\CFLite.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 01291400 _____ () C:\Program Files\Plex\Plex Media Server\JavaScriptCore.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 01038984 _____ () C:\Program Files\Plex\Plex Media Server\cairo.dll 2014-03-12 19:57 - 2014-03-12 
19:57 - 00073352 _____ () C:\Program Files\Plex\Plex Media Server\zlib1.dll 2014-03-19 20:53 - 2014-03-19 20:53 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 00048640 _____ () C:\Program Files\AOL Desktop 9.7\zlib.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 22152704 _____ () C:\Program Files\AOL Desktop 9.7\libcef.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 01195022 _____ () C:\Program Files\AOL Desktop 9.7\avcodec-54.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 00138766 _____ () C:\Program Files\AOL Desktop 9.7\avutil-51.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 00217614 _____ () C:\Program Files\AOL Desktop 9.7\avformat-54.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 00648704 _____ () C:\Program Files\AOL Desktop 9.7\libglesv2.dll 2013-04-18 13:04 - 2013-04-18 13:04 - 00122880 _____ () C:\Program Files\AOL Desktop 9.7\libegl.dll 2014-03-12 19:57 - 2014-03-12 19:57 - 00045192 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_socket.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00028808 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_ssl.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00019080 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_hashlib.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00032392 _____ () C:\Program Files\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00836744 _____ () C:\Program Files\Plex\Plex Media Server\Exts\lxml\etree.pyd 2014-03-12 19:56 - 2014-03-12 19:56 - 00062600 _____ () C:\Program Files\Plex\Plex Media Server\libexslt.dll 2014-03-12 19:56 - 2014-03-12 19:56 - 00166024 _____ () C:\Program Files\Plex\Plex Media Server\libxslt.dll 2014-03-12 19:57 - 2014-03-12 19:57 - 00192648 _____ () C:\Program Files\Plex\Plex Media Server\Exts\lxml\objectify.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00016520 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\select.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00056456 _____ () C:\Program Files\Plex\Plex 
Media Server\Exts\OpenSSL\crypto.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00018056 _____ () C:\Program Files\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00044680 _____ () C:\Program Files\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00083080 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_ctypes.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00111752 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\pyexpat.pyd 2014-03-12 19:57 - 2014-03-12 19:57 - 00692360 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\unicodedata.pyd 2014-05-14 15:01 - 2014-05-14 15:01 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f} Manufacturer: Texas Instruments Service: ohci1394 Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12) Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). 
This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table). You can use Device Manager to determine where the conflict is and disable the conflicting device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/16/2014 05:37:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program HDSentinel.exe version 4.40.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 960 Start Time: 01cf715595efb3e3 Termination Time: 4 Error: (05/14/2014 00:20:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program waol.exe version 9.7.1.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: e10 Start Time: 01cf6f6f6cad5ab3 Termination Time: 32 Error: (05/09/2014 07:18:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application aolbrowser.exe, version 0.3.10.1, time stamp 0x513ff47a, faulting module Flash32_13_0_0_206.ocx, version 13.0.0.206, time stamp 0x53519a13, exception code 0xc0000005, fault offset 0x005be910, process id 0x9c0, application start time 0xaolbrowser.exe0. 
Error: (05/09/2014 07:18:54 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 Error: (05/09/2014 07:18:51 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (04/30/2014 10:17:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Aborting Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Unknown/unsupported storage engine: INNODB Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Plugin 'InnoDB' registration as a STORAGE ENGINE failed. Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Plugin 'InnoDB' init function returned error. System errors: ============= Error: (05/16/2014 05:33:24 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY) Description: 0x80070032 Error: (05/16/2014 05:29:21 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (05/16/2014 05:25:21 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (05/16/2014 05:23:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 5:22:14 PM on 5/16/2014 was unexpected. 
Error: (05/14/2014 07:23:40 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (05/14/2014 03:29:38 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY) Description: 0x80070032 Error: (05/14/2014 03:28:39 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (05/04/2014 08:08:39 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (05/04/2014 08:07:35 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY) Description: 0x80070032 Error: (05/04/2014 08:07:04 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Microsoft Office Sessions: ========================= Error: (05/16/2014 05:37:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: HDSentinel.exe4.40.0.096001cf715595efb3e34 Error: (05/14/2014 00:20:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: waol.exe9.7.1.1e1001cf6f6f6cad5ab332 Error: (05/09/2014 07:18:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: aolbrowser.exe0.3.10.1513ff47aFlash32_13_0_0_206.ocx13.0.0.20653519a13c0000005005be9109c001cf6be499983b80 Error: (05/09/2014 07:18:54 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 Error: (05/09/2014 07:18:51 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (04/30/2014 10:17:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. 
(0x8007001f) C:\USERS\CHRISTOPHER L KARR\APPDATA\LOCAL\PLEX MEDIA SERVER\PLUG-IN SUPPORT\DATA\COM.PLEXAPP.SYSTEM\DATAITEMS\DEACTIVATED\COM.PLEXAPP.PLUGINS.WEBCLIENT\WEBCLIENT.BUNDLE Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Aborting Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Unknown/unsupported storage engine: INNODB Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Plugin 'InnoDB' registration as a STORAGE ENGINE failed. Error: (04/28/2014 05:59:37 PM) (Source: MySQL) (EventID: 100) (User: ) Description: Plugin 'InnoDB' init function returned error. CodeIntegrity Errors: =================================== Date: 2014-04-20 14:04:03.471 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:03.323 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:03.178 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2014-04-20 14:04:03.029 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:02.887 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:02.741 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:02.516 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:02.375 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-20 14:04:02.230 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2014-04-20 14:04:02.086 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 66% Total physical RAM: 3069.82 MB Available physical RAM: 1036.36 MB Total Pagefile: 6371.68 MB Available Pagefile: 3617.55 MB Total Virtual: 2047.88 MB Available Virtual: 1913.31 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.88 GB) (Free:93.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (NIGR502PRO) (CDROM) (Total:0.6 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 773DC552) Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS) ==================== End Of Log ============================

#4 Machiavelli

Posted 17 May 2014 - 04:34 AM

Look at the style of your post. Do you think I'm able to read this? Look at other threads and tell me what the difference is between your FRST Log and the other's FRST Log. :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 scuzzo

Posted 17 May 2014 - 08:59 AM

for some reason the cut and paste functions are not working properly so i decided to use Pastebin.... here is a link to the FRST file... the addition one is blank so i'm not sure what is going on there.. Frst.txt http://xbmclogs.com/show.php?id=203595

#6 Machiavelli

Posted 17 May 2014 - 09:55 AM

No, please attach the log.

~Machiavelli



#7 scuzzo

Posted 17 May 2014 - 10:07 AM

log attached the addition.txt is blank so... i did not attach that one..

#8 scuzzo

Posted 17 May 2014 - 10:10 AM

ok, log attached the addition.txt is blank so i did not attach it.... now if i can just figure a way to delete the above post with the cut and paste foul up and that missing log attachment post just afore this one..... man it's a day.. oh well... thanks for the assistance..

Attached Files

  • Attached File  FRST.txt   33.18KB   1 downloads


#9 Machiavelli

Posted 17 May 2014 - 10:40 AM

Then do a new FRST Scan and post the Addition. I need this log ...

~Machiavelli



#10 scuzzo

Posted 17 May 2014 - 12:50 PM

ok sorry about this being like pulling teeth... i'm usually better at getting all the logs together... here is the Addition log...


#11 Machiavelli

Posted 17 May 2014 - 01:53 PM

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop.
Install the programme and select update.
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli



#12 scuzzo

Posted 17 May 2014 - 02:36 PM

ok here is the attached Adwarecleaner.txt log... i'm still not able to cut and paste the text with anything near a legible format so.. here is the attachment..


#13 Machiavelli

Posted 17 May 2014 - 04:34 PM

OK, I'm waiting for the other logs.

~Machiavelli



#14 scuzzo

Posted 17 May 2014 - 05:39 PM

here is the malware bytes log...


#15 Machiavelli

Posted 18 May 2014 - 04:49 AM

Now step 3 and step 4 are missing.

~Machiavelli
