talakargos

im not sure but basically what happens usually is, i'll restart my computer, or power it up. The volume thingy is in my volume mixer. I run rkill, or malwarebytes or combofix, and either one of these will end up stopping it or it'll disappear on it's own, and then that's it. Very mysterious indeed.,

just ran the program, looks like it didn't work, since the volume thing is still there for the unidentified name in my volume mixer...im posting the results regardless though. Rkill 2.6.4 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/Copyright 2008-2014 BleepingComputer.comMore Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/09/2014 05:19:33 AM in x64 mode.Windows Version: Windows 7 Professional Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * C:\Windows\System32\UxTheme.dll : 332,288 : 12/13/2010 05:40 AM : 8bf20c54ffb37cfb960f708ffa813fa7 [NoSig] +-> C:\Windows\SysWOW64\uxtheme.dll : 245,760 : 07/13/2009 05:11 PM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl] +-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332,288 : 07/13/2009 05:41 PM : d29e998e8277666982b4f0303bf4e7af [Pos Repl] +-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245,760 : 07/13/2009 05:11 PM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl] Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost Program finished at: 01/09/2014 05:21:41 AMExecution time: 0 hours(s), 2 minute(s), and 8 seconds(s)

should i restart my computer and then run it? or just run it right now, because i don't see the volume thingy

i downloaded a new copy of combofix and ran it. ComboFix 14-01-08.03 - Darwin 01/08/2014 19:10:02.6.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2464 [GMT -8:00]Running from: c:\users\Darwin\Downloads\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2013-12-09 to 2014-01-09 )))))))))))))))))))))))))))))))..2014-01-09 03:23 . 2014-01-09 03:23 -------- d-----w- c:\users\Default\AppData\Local\temp2014-01-07 14:36 . 2013-11-14 11:55 955168 ----a-w- c:\windows\SysWow64\nvspcap.dll2014-01-07 14:36 . 2013-11-14 11:55 1064224 ----a-w- c:\windows\system32\nvspcap64.dll2014-01-07 10:36 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E17ADA24-B406-4AC8-B155-4C7DB1C9E9CB}\mpengine.dll2014-01-06 04:10 . 2014-01-06 04:11 -------- d-----w- c:\program files (x86)\GUM9732.tmp2014-01-06 04:01 . 2014-01-06 04:01 -------- d-----w- c:\users\Darwin\AppData\Roaming\VSRevoGroup2014-01-06 04:00 . 2014-01-06 04:00 -------- d-----w- c:\program files (x86)\VS Revo Group2014-01-05 10:20 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-03 14:36 . 2014-01-04 13:55 65600 ----a-w- c:\windows\system32\drivers\lsi_sas2.sys.bak2014-01-03 13:33 . 2014-01-03 13:33 -------- d-----w- c:\windows\Sun2014-01-03 13:19 . 2014-01-03 13:19 -------- d-----w- c:\windows\ERUNT2014-01-03 13:11 . 2014-01-07 15:50 -------- d-----w- C:\AdwCleaner2014-01-03 12:41 . 2014-01-04 01:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-01-01 13:07 . 2014-01-04 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-31 18:45 . 2013-12-31 18:45 -------- d-----w- c:\users\Darwin\AppData\Roaming\MPC-HC2013-12-16 02:17 . 2013-12-16 02:54 -------- d-----w- C:\BOSS2013-12-16 02:06 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll2013-12-16 02:06 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll2013-12-16 02:06 . 2013-03-17 18:22 3554304 ----a-w- c:\windows\system32\x264vfw64.dll2013-12-16 02:06 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\SysWow64\x264vfw.dll2013-12-16 02:06 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll2013-12-16 02:06 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll2013-12-16 02:06 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm2013-12-16 02:06 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm2013-12-16 02:06 . 2013-08-22 18:09 256088 ----a-w- c:\windows\system32\unrar64.dll2013-12-16 02:06 . 2013-11-14 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll2013-12-16 02:02 . 2013-12-16 14:01 -------- d-----w- c:\users\Darwin\AppData\Local\Fallout3...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-11 09:37 . 2012-04-18 23:59 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-12-11 09:37 . 2011-05-25 21:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe2013-11-23 00:59 . 2013-11-23 00:59 53248 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\ARPPRODUCTICON.exe2013-11-19 10:21 . 2010-08-07 06:00 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-14 18:00 . 2011-06-22 23:10 127488 ----a-w- c:\windows\system32\ff_vfw.dll2013-11-14 11:55 . 2011-09-11 06:43 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll2013-11-14 11:55 . 2011-09-11 06:43 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll2013-11-14 11:55 . 2012-10-11 05:22 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll2013-11-14 11:55 . 2011-09-11 06:43 3069608 ----a-w- c:\windows\system32\nvapi64.dll2013-11-11 16:59 . 2013-11-11 16:59 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe2013-11-11 15:02 . 2011-09-11 06:50 3490080 ----a-w- c:\windows\system32\nvsvc64.dll2013-11-11 15:02 . 2011-09-11 06:50 6674208 ----a-w- c:\windows\system32\nvcpl.dll2013-11-11 15:01 . 2011-09-11 06:50 63776 ----a-w- c:\windows\system32\nvshext.dll2013-11-11 15:01 . 2011-09-11 06:50 922912 ----a-w- c:\windows\system32\nvvsvc.exe2013-11-11 15:01 . 2011-09-11 06:50 219424 ----a-w- c:\windows\system32\nvmctray.dll2013-10-18 07:46 . 2013-12-07 22:24 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71D252F9-9356-4B1E-B013-CD14DF0F9986}\gapaengine.dll2013-10-18 07:46 . 2011-03-26 18:09 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2012-01-07 19:54 . 2012-01-09 07:54 44 ---h--w- c:\program files (x86)\29a79214.tmp..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]"Akamai NetSession Interface"="c:\users\Darwin\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]"F.lux"="c:\users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]"Spotify Web Helper"="c:\users\Darwin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-07 1168896].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-30 3806544].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe""Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe""DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW.R1 MpKsl70cdd847;MpKsl70cdd847;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\MpKsl70cdd847.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\MpKsl70cdd847.sys [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 Gun;Gun;c:\windows\system32\Gun64.sys;c:\windows\SYSNATIVE\Gun64.sys [x]R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]R3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision\RTCore64.sys;c:\program files (x86)\EVGA Precision\RTCore64.sys [x]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 X6va005;X6va005;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp [x]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]S2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService;c:\program files\Winstep\WsxService [x]S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]S3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-01-07 23:15 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 09:37].2014-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000Core.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11].2014-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000UA.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]"RivaTunerStartupDaemon"="c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-14 1064224].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsUxTuneUp.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = about:blankmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>erride;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105Trusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comTCP: DhcpNameServer = 192.168.1.1.- - - - ORPHANS REMOVED - - - -.SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]"ImagePath"="c:\program files\Winstep\WsxService".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]"ImagePath"="\??\c:\users\Darwin\AppData\Local\Temp\00513F0.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3911683554-3553286672-2363877611-1000\Software\SecuROM\License information*]"datasecu"=hex:da,84,9d,ca,ad,a6,c5,1e,fe,99,96,92,85,1c,69,e3,ea,8f,17,76,cd, f9,ef,95,a1,d4,cb,29,fe,01,56,fa,99,e5,62,92,c3,5d,83,09,e2,20,1c,99,4a,6b,\"rkeysecu"=hex:47,00,cd,af,9b,cb,4f,ba,05,2d,8f,07,32,a7,59,46.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2014-01-08 19:33:33ComboFix-quarantined-files.txt 2014-01-09 03:33ComboFix2.txt 2014-01-06 02:12ComboFix3.txt 2014-01-04 16:55ComboFix4.txt 2014-01-04 16:01.Pre-Run: 19,959,595,008 bytes freePost-Run: 19,887,185,920 bytes free.- - End Of File - - 05EA1705530A75FF5766C73DEA50C0C9A36C5E4F47E84449FF07ED3517B43A31

Sorry for not replying sooner, but yeah so I uninstalled chrome and the ads still play, running any scans like malware or rkill just ends up killing or hiding the process which is temporarily fine, but everytime i restart the computer it comes back.

I reset google chrome, do you need me to uninstall it? Am I allowed to first back up my bookmarks?

okay so i restarted my computer and like usual the fake thing was back and running again. I ran combo fix and at the end, there was no un-indentified volume device however i'm not sure if it's actually gone or if it's merely hiding like when i ran the malware scan. Eitherway here's the combofix log. ComboFix 14-01-04.03 - Darwin 01/05/2014 17:48:31.5.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2792 [GMT -8:00]Running from: c:\users\Darwin\Desktop\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2013-12-06 to 2014-01-06 )))))))))))))))))))))))))))))))..2014-01-06 02:03 . 2014-01-06 02:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp2014-01-06 02:03 . 2014-01-06 02:03 -------- d-----w- c:\users\Default\AppData\Local\temp2014-01-05 10:22 . 2014-01-05 10:22 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\offreg.dll2014-01-05 10:22 . 2014-01-05 10:22 46768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\MpKsl70cdd847.sys2014-01-05 10:20 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\mpengine.dll2014-01-04 17:18 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-03 14:36 . 2014-01-04 13:55 65600 ----a-w- c:\windows\system32\drivers\lsi_sas2.sys.bak2014-01-03 13:33 . 2014-01-03 13:33 -------- d-----w- c:\windows\Sun2014-01-03 13:19 . 2014-01-03 13:19 -------- d-----w- c:\windows\ERUNT2014-01-03 13:11 . 2014-01-04 17:01 -------- d-----w- C:\AdwCleaner2014-01-03 12:41 . 2014-01-04 01:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-01-01 13:07 . 2014-01-04 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-31 18:45 . 2013-12-31 18:45 -------- d-----w- c:\users\Darwin\AppData\Roaming\MPC-HC2013-12-16 02:17 . 2013-12-16 02:54 -------- d-----w- C:\BOSS2013-12-16 02:06 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll2013-12-16 02:06 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll2013-12-16 02:06 . 2013-03-17 18:22 3554304 ----a-w- c:\windows\system32\x264vfw64.dll2013-12-16 02:06 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\SysWow64\x264vfw.dll2013-12-16 02:06 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll2013-12-16 02:06 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll2013-12-16 02:06 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm2013-12-16 02:06 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm2013-12-16 02:06 . 2013-08-22 18:09 256088 ----a-w- c:\windows\system32\unrar64.dll2013-12-16 02:06 . 2013-11-14 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll2013-12-16 02:02 . 2013-12-16 14:01 -------- d-----w- c:\users\Darwin\AppData\Local\Fallout32013-12-07 22:24 . 2013-10-18 07:46 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71D252F9-9356-4B1E-B013-CD14DF0F9986}\gapaengine.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-11 09:37 . 2012-04-18 23:59 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-12-11 09:37 . 2011-05-25 21:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe2013-11-23 00:59 . 2013-11-23 00:59 53248 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\ARPPRODUCTICON.exe2013-11-19 10:21 . 2010-08-07 06:00 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-14 18:00 . 2011-06-22 23:10 127488 ----a-w- c:\windows\system32\ff_vfw.dll2013-10-18 07:46 . 2011-03-26 18:09 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-10-08 14:50 . 2013-10-22 11:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2012-01-07 19:54 . 2012-01-09 07:54 44 ---h--w- c:\program files (x86)\29a79214.tmp..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]"Akamai NetSession Interface"="c:\users\Darwin\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]"F.lux"="c:\users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-30 3806544].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-2 255536]Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe""Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe""DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW.R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 Gun;Gun;c:\windows\system32\Gun64.sys;c:\windows\SYSNATIVE\Gun64.sys [x]R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]R3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision\RTCore64.sys;c:\program files (x86)\EVGA Precision\RTCore64.sys [x]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 X6va005;X6va005;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp [x]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]S1 MpKsl70cdd847;MpKsl70cdd847;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\MpKsl70cdd847.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09BB0864-90F7-4F5F-985D-07E76657DEFD}\MpKsl70cdd847.sys [x]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]S2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService;c:\program files\Winstep\WsxService [x]S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]S3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.Contents of the 'Scheduled Tasks' folder.2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 09:37].2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000Core.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11].2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000UA.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]"RivaTunerStartupDaemon"="c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsUxTuneUp.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = about:blankmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>erride;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105Trusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comTCP: DhcpNameServer = 192.168.1.1.- - - - ORPHANS REMOVED - - - -.SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]"ImagePath"="c:\program files\Winstep\WsxService".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]"ImagePath"="\??\c:\users\Darwin\AppData\Local\Temp\00513F0.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3911683554-3553286672-2363877611-1000\Software\SecuROM\License information*]"datasecu"=hex:da,84,9d,ca,ad,a6,c5,1e,fe,99,96,92,85,1c,69,e3,ea,8f,17,76,cd, f9,ef,95,a1,d4,cb,29,fe,01,56,fa,99,e5,62,92,c3,5d,83,09,e2,20,1c,99,4a,6b,\"rkeysecu"=hex:47,00,cd,af,9b,cb,4f,ba,05,2d,8f,07,32,a7,59,46.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2014-01-05 18:12:37ComboFix-quarantined-files.txt 2014-01-06 02:12ComboFix2.txt 2014-01-04 16:55ComboFix3.txt 2014-01-04 16:01.Pre-Run: 20,490,358,784 bytes freePost-Run: 19,927,232,512 bytes free.- - End Of File - - 510BF2A3E892AB96D426FA2C2EF500F6A36C5E4F47E84449FF07ED3517B43A31

Okay so I think I know what is going on, when I started the scan for malwarebytes, the malware fake svchost as well as the audio ads "name unidentified" in the volume mixer both "hid" themselves. So essentially I don't know how but it's evading the malwarebytes scan by hiding themselves everytime I start a scan.

Just restarted the computer, and the audio ad is back in the volume mixer again.

okay I my full scan finished for malwarebytes and it says that there were no infected items, here's the report, and it seems like the audio ads have stopped, as there is nothing in the mixer. Hopefully everything is fixed, is there anything else left to do? Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.01.04.04 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Darwin :: COLDDUSTGIRL [administrator] 1/4/2014 9:06:22 AMmbam-log-2014-01-04 (09-06-22).txt Scan type: Full scan (C:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 877457Time elapsed: 2 hour(s), 21 minute(s), 41 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)

here is the adwcleaner report # AdwCleaner v3.016 - Report created 04/01/2014 at 09:01:32# Updated 23/12/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Darwin - COLDDUSTGIRL# Running from : C:\Users\Darwin\Downloads\AdwCleaner (1).exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7601.17514 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Darwin\AppData\Roaming\Mozilla\Firefox\Profiles\191fu886.default-1377033217496\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Darwin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10542 octets] - [03/01/2014 05:14:11]AdwCleaner[R1].txt - [1027 octets] - [03/01/2014 06:39:44]AdwCleaner[R2].txt - [1152 octets] - [04/01/2014 09:00:43]AdwCleaner[s0].txt - [9625 octets] - [03/01/2014 05:15:40]AdwCleaner[s1].txt - [1089 octets] - [03/01/2014 06:40:42]AdwCleaner[s2].txt - [1074 octets] - [04/01/2014 09:01:32] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1134 octets] ##########

well i ran the combofix script on the combofix but when i checked the volume mixer it still came up with a "name unidentified" audio program. Here's the report though, i'll get to work on scanning and reporting the other programs. ComboFix 14-01-04.03 - Darwin 01/04/2014 8:28.4.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2293 [GMT -8:00]Running from: c:\users\Darwin\Desktop\ComboFix.exeCommand switches used :: c:\users\Darwin\Desktop\CFScript.txtAV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))...--------------- FCopy ---------------.c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll --> c:\windows\system32\rpcss.dll.((((((((((((((((((((((((( Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))..2014-01-04 16:44 . 2014-01-04 16:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp2014-01-04 16:44 . 2014-01-04 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp2014-01-04 01:16 . 2014-01-04 01:16 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys2014-01-03 14:36 . 2014-01-04 13:55 65600 ----a-w- c:\windows\system32\drivers\lsi_sas2.sys.bak2014-01-03 14:20 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{85E7A25A-62F8-49BA-8467-20C45A9AEC09}\mpengine.dll2014-01-03 13:33 . 2014-01-03 13:33 -------- d-----w- c:\windows\Sun2014-01-03 13:19 . 2014-01-03 13:19 -------- d-----w- c:\windows\ERUNT2014-01-03 13:11 . 2014-01-03 14:41 -------- d-----w- C:\AdwCleaner2014-01-03 12:41 . 2014-01-04 01:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-01-02 13:57 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-01 13:07 . 2014-01-04 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-31 18:45 . 2013-12-31 18:45 -------- d-----w- c:\users\Darwin\AppData\Roaming\MPC-HC2013-12-16 02:17 . 2013-12-16 02:54 -------- d-----w- C:\BOSS2013-12-16 02:06 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll2013-12-16 02:06 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll2013-12-16 02:06 . 2013-03-17 18:22 3554304 ----a-w- c:\windows\system32\x264vfw64.dll2013-12-16 02:06 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\SysWow64\x264vfw.dll2013-12-16 02:06 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll2013-12-16 02:06 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll2013-12-16 02:06 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm2013-12-16 02:06 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm2013-12-16 02:06 . 2013-08-22 18:09 256088 ----a-w- c:\windows\system32\unrar64.dll2013-12-16 02:06 . 2013-11-14 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll2013-12-16 02:02 . 2013-12-16 14:01 -------- d-----w- c:\users\Darwin\AppData\Local\Fallout32013-12-07 22:24 . 2013-10-18 07:46 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71D252F9-9356-4B1E-B013-CD14DF0F9986}\gapaengine.dll2013-12-06 22:08 . 2013-12-06 22:08 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-11 09:37 . 2012-04-18 23:59 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-12-11 09:37 . 2011-05-25 21:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe2013-11-23 00:59 . 2013-11-23 00:59 53248 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\ARPPRODUCTICON.exe2013-11-19 10:21 . 2010-08-07 06:00 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-14 18:00 . 2011-06-22 23:10 127488 ----a-w- c:\windows\system32\ff_vfw.dll2013-10-18 07:46 . 2011-03-26 18:09 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-10-08 14:50 . 2013-10-22 11:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2012-01-07 19:54 . 2012-01-09 07:54 44 ---h--w- c:\program files (x86)\29a79214.tmp..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]"Akamai NetSession Interface"="c:\users\Darwin\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]"F.lux"="c:\users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-30 3806544].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-2 255536]Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe""Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe""DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW.R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 Gun;Gun;c:\windows\system32\Gun64.sys;c:\windows\SYSNATIVE\Gun64.sys [x]R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]R3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision\RTCore64.sys;c:\program files (x86)\EVGA Precision\RTCore64.sys [x]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 X6va005;X6va005;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp [x]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]S2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService;c:\program files\Winstep\WsxService [x]S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.Contents of the 'Scheduled Tasks' folder.2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 09:37].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000Core.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000UA.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]"RivaTunerStartupDaemon"="c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsUxTuneUp.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = about:blankmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>erride;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105Trusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comFF - ProfilePath - c:\users\Darwin\AppData\Roaming\Mozilla\Firefox\Profiles\191fu886.default-1377033217496\.- - - - ORPHANS REMOVED - - - -.SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]"ImagePath"="c:\program files\Winstep\WsxService".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]"ImagePath"="\??\c:\users\Darwin\AppData\Local\Temp\00513F0.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3911683554-3553286672-2363877611-1000\Software\SecuROM\License information*]"datasecu"=hex:da,84,9d,ca,ad,a6,c5,1e,fe,99,96,92,85,1c,69,e3,ea,8f,17,76,cd, f9,ef,95,a1,d4,cb,29,fe,01,56,fa,99,e5,62,92,c3,5d,83,09,e2,20,1c,99,4a,6b,\"rkeysecu"=hex:47,00,cd,af,9b,cb,4f,ba,05,2d,8f,07,32,a7,59,46.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2014-01-04 08:54:55ComboFix-quarantined-files.txt 2014-01-04 16:54ComboFix2.txt 2014-01-04 16:01.Pre-Run: 22,360,072,192 bytes freePost-Run: 21,644,197,888 bytes free.- - End Of File - - EC146F214913795AC208D21046D795EBA36C5E4F47E84449FF07ED3517B43A31

Okay I had to run the combofix twice because the first time, it was preparing the log but it cut off half way through because my computer "randomly" had a plug and play critical thing crash and it was forced to restart. The second time around it finished in time. Also I'm also having malware problems of when I click on links in google it will redirect me to random sites. ComboFix 14-01-04.03 - Darwin 01/04/2014 7:45.3.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2508 [GMT -8:00]Running from: c:\users\Darwin\Desktop\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..---- Previous Run -------.c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dllc:\users\Darwin\g2mdlhlpx.exe..((((((((((((((((((((((((( Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))..2014-01-04 15:57 . 2014-01-04 15:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp2014-01-04 15:57 . 2014-01-04 15:57 -------- d-----w- c:\users\Default\AppData\Local\temp2014-01-04 01:16 . 2014-01-04 01:16 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys2014-01-03 14:36 . 2014-01-04 13:55 65600 ----a-w- c:\windows\system32\drivers\lsi_sas2.sys.bak2014-01-03 14:20 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{85E7A25A-62F8-49BA-8467-20C45A9AEC09}\mpengine.dll2014-01-03 13:33 . 2014-01-03 13:33 -------- d-----w- c:\windows\Sun2014-01-03 13:19 . 2014-01-03 13:19 -------- d-----w- c:\windows\ERUNT2014-01-03 13:11 . 2014-01-03 14:41 -------- d-----w- C:\AdwCleaner2014-01-03 12:41 . 2014-01-04 01:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-01-02 13:57 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-01 13:07 . 2014-01-04 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-31 18:45 . 2013-12-31 18:45 -------- d-----w- c:\users\Darwin\AppData\Roaming\MPC-HC2013-12-16 02:17 . 2013-12-16 02:54 -------- d-----w- C:\BOSS2013-12-16 02:06 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll2013-12-16 02:06 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll2013-12-16 02:06 . 2013-03-17 18:22 3554304 ----a-w- c:\windows\system32\x264vfw64.dll2013-12-16 02:06 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\SysWow64\x264vfw.dll2013-12-16 02:06 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll2013-12-16 02:06 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll2013-12-16 02:06 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm2013-12-16 02:06 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm2013-12-16 02:06 . 2013-08-22 18:09 256088 ----a-w- c:\windows\system32\unrar64.dll2013-12-16 02:06 . 2013-11-14 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll2013-12-16 02:02 . 2013-12-16 14:01 -------- d-----w- c:\users\Darwin\AppData\Local\Fallout32013-12-07 22:24 . 2013-10-18 07:46 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71D252F9-9356-4B1E-B013-CD14DF0F9986}\gapaengine.dll2013-12-06 22:08 . 2013-12-06 22:08 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-11 09:37 . 2012-04-18 23:59 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-12-11 09:37 . 2011-05-25 21:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe2013-11-23 00:59 . 2013-11-23 00:59 57344 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe2013-11-23 00:59 . 2013-11-23 00:59 53248 ----a-r- c:\users\Darwin\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\ARPPRODUCTICON.exe2013-11-19 10:21 . 2010-08-07 06:00 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-14 18:00 . 2011-06-22 23:10 127488 ----a-w- c:\windows\system32\ff_vfw.dll2013-10-18 07:46 . 2011-03-26 18:09 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-10-08 14:50 . 2013-10-22 11:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2012-01-07 19:54 . 2012-01-09 07:54 44 ---h--w- c:\program files (x86)\29a79214.tmp..------- Sigcheck -------Note: Unsigned files aren't necessarily malware..[7] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll[7] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll[-] 2010-11-20 . 35F9B98F6C0FF4AB7EF3665536BE025F . 509952 . . [6.1.7600.16385] .. c:\windows\system32\rpcss.dll.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]"Akamai NetSession Interface"="c:\users\Darwin\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]"F.lux"="c:\users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-30 3806544].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DinsCurse"="c:\users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll" [bU].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-2 255536]Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe""Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe""DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW.R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 Gun;Gun;c:\windows\system32\Gun64.sys;c:\windows\SYSNATIVE\Gun64.sys [x]R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]R3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision\RTCore64.sys;c:\program files (x86)\EVGA Precision\RTCore64.sys [x]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 X6va005;X6va005;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp;c:\users\Darwin\AppData\Local\Temp\00513F0.tmp [x]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]S2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService;c:\program files\Winstep\WsxService [x]S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.Contents of the 'Scheduled Tasks' folder.2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 09:37].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05 19:35].2014-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000Core.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11].2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911683554-3553286672-2363877611-1000UA.job- c:\users\Darwin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 23:11]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Darwin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]"RivaTunerStartupDaemon"="c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsUxTuneUp.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = about:blankmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>erride;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105Trusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comFF - ProfilePath - c:\users\Darwin\AppData\Roaming\Mozilla\Firefox\Profiles\191fu886.default-1377033217496\.- - - - ORPHANS REMOVED - - - -.SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]"ImagePath"="c:\program files\Winstep\WsxService".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]"ImagePath"="\??\c:\users\Darwin\AppData\Local\Temp\00513F0.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3911683554-3553286672-2363877611-1000\Software\SecuROM\License information*]"datasecu"=hex:da,84,9d,ca,ad,a6,c5,1e,fe,99,96,92,85,1c,69,e3,ea,8f,17,76,cd, f9,ef,95,a1,d4,cb,29,fe,01,56,fa,99,e5,62,92,c3,5d,83,09,e2,20,1c,99,4a,6b,\"rkeysecu"=hex:47,00,cd,af,9b,cb,4f,ba,05,2d,8f,07,32,a7,59,46.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2014-01-04 08:01:11ComboFix-quarantined-files.txt 2014-01-04 16:01.Pre-Run: 22,686,228,480 bytes freePost-Run: 22,330,552,320 bytes free.- - End Of File - - F4ED5D363388DFFDA479636A3640ED7EA36C5E4F47E84449FF07ED3517B43A31

Okay I ran the scan and copy and pasted the log below, if it also helps, my computer randomly will log off and restart because a certain plug and play or process randomly stops, usually the dcom service. And in my volume mixer there's actually two "name unidentified" ad song things. Also I'm running windows 7 64 bit. RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Darwin [Admin rights]Mode : Scan -- Date : 01/04/2014 05:56:07| ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤[HJNAME] notepad.exe -- C:\Windows\Temp\notepad.exe [-] -> KILLED [Tree] ¤¤¤ Registry Entries : 3 ¤¤¤[RUN][sUSP PATH] HKCU\[...]\Run : DinsCurse (rundll32 "C:\Users\Darwin\AppData\Local\VirtualStore\DinsCurse\hdmdclfoig.dll",DllRegisterServer [x][-][x]) -> FOUND[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD50 00AAKS-00V1A SCSI Disk Device +++++--- User ---[MBR] 11bd505583332d1c7206fc4be1dc9cfb[bSP] 54937b3ba4c4c4259cebb4e8c729a664 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MoUser = LL1 ... OK!Error reading LL2 MBR! ([0x1] Incorrect function. ) Finished : << RKreport[0]_S_01042014_055607.txt >>RKreport[0]_S_01042014_055419.txt

I see a "no name available" sound in my volume mixer, my svchost's memory usage goes through the roof after awhile and the audio ads play randomly. I've looked through some similar cases on here and I think that's what it is, although I can't be sure obviously. I would hope to get some help as soon as possible as it's been in my system for a couple of days now. ​ I've copy and pasted the dds and attach txt files below. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.45.2Run by Darwin at 18:39:08 on 2014-01-03Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.861 [GMT -8:00].AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\SysWOW64\svchost.exe -k AkamaiC:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exec:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exeC:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exeC:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exeC:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exeC:\Program Files\Winstep\WsxService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exeC:\Program Files (x86)\Giraffic\Veoh_Giraffic.exeC:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\DAEMON Tools Lite\daemon.exeC:\Users\Darwin\AppData\Local\Akamai\netsession_win.exeC:\Users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exeC:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exeC:\Program Files\Rainmeter\Rainmeter.exeC:\Users\Darwin\AppData\Local\Akamai\netsession_win.exeC:\Program Files\Logitech\SetPoint II\SetPointII.exeC:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXEC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exeC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Windows\system32\taskhost.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Darwin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorunuRun: [Akamai NetSession Interface] "C:\Users\Darwin\AppData\Local\Akamai\netsession_win.exe"uRun: [F.lux] "C:\Users\Darwin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshowmRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /smRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SETPOI~1.LNK - C:\Program Files\Logitech\SetPoint II\SetPointII.exeuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.1.1TCP: Interfaces\{314C4549-FE9F-428F-93E2-9919CA7DED20} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{314C4549-FE9F-428F-93E2-9919CA7DED20}\4586560A45561686F6573756 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{314C4549-FE9F-428F-93E2-9919CA7DED20}\54D2A5D2132333 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{4F2ACE78-272E-46F8-A283-8FCD1E831AD5} : DHCPNameServer = 192.168.1.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEx64-Run: [RivaTunerStartupDaemon] "C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" /Sx64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dllx64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Darwin\AppData\Roaming\Mozilla\Firefox\Profiles\191fu886.default-1377033217496\FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dllFF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dllFF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dllFF - plugin: C:\Users\Darwin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\Darwin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Users\Darwin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Darwin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Darwin\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\System32\Wat\npWatWeb.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]R2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [2011-3-28 25832]R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-7-15 8704]R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-31 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-31 701512]R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-8-6 1153368]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-7-20 2027840]R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]R2 Winstep Xtreme Service;Winstep Xtreme Service;C:\Program Files\Winstep\WsxService --> C:\Program Files\Winstep\WsxService [?]R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136]R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-1-19 25928]R3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2011-6-5 31232]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-5-18 11856]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-8-13 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-8-13 124088]S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-5-27 131912]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]S3 Gun;Gun;C:\Windows\System32\Gun64.sys [2011-3-7 30840]S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-2 227232]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]S3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision\RTCore64.sys [2010-9-7 14440]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-11-11 59392]S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-6-5 736104]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-7 1255736].=============== Created Last 30 ================.2014-01-04 01:16:11 117464 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys2014-01-03 14:36:59 65600 ----a-w- C:\Windows\System32\drivers\lsi_sas2.sys.bak2014-01-03 14:20:39 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85E7A25A-62F8-49BA-8467-20C45A9AEC09}\mpengine.dll2014-01-03 14:08:07 -------- d-----w- C:\$RECYCLE.BIN2014-01-03 13:19:16 -------- d-----w- C:\Windows\ERUNT2014-01-03 13:11:57 -------- d-----w- C:\AdwCleaner2014-01-03 12:41:22 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-01-02 13:57:00 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-01 13:07:07 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys2013-12-31 18:45:03 -------- d-----w- C:\Users\Darwin\AppData\Roaming\MPC-HC2013-12-16 02:17:39 -------- d-----w- C:\BOSS2013-12-16 02:06:28 216064 ----a-w- C:\Windows\SysWow64\lagarith.dll2013-12-16 02:06:28 148992 ----a-w- C:\Windows\System32\lagarith.dll2013-12-16 02:06:27 650752 ----a-w- C:\Windows\SysWow64\xvidcore.dll2013-12-16 02:06:27 3649536 ----a-w- C:\Windows\SysWow64\x264vfw.dll2013-12-16 02:06:27 3554304 ----a-w- C:\Windows\System32\x264vfw64.dll2013-12-16 02:06:27 243200 ----a-w- C:\Windows\SysWow64\xvidvfw.dll2013-12-16 02:06:26 180736 ----a-w- C:\Windows\System32\ac3acm.acm2013-12-16 02:06:26 122880 ----a-w- C:\Windows\SysWow64\ac3acm.acm2013-12-16 02:06:24 256088 ----a-w- C:\Windows\System32\unrar64.dll2013-12-16 02:06:22 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll2013-12-16 02:02:28 -------- d-----w- C:\Users\Darwin\AppData\Local\Fallout32013-12-07 22:24:33 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{71D252F9-9356-4B1E-B013-CD14DF0F9986}\gapaengine.dll2013-12-06 22:08:08 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi.==================== Find3M ====================.2013-12-11 09:37:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 09:37:42 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-11-14 18:00:00 127488 ----a-w- C:\Windows\System32\ff_vfw.dll2013-10-08 14:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2012-01-07 19:54:52 44 ---h--w- C:\Program Files (x86)\29a79214.tmp.============= FINISH: 18:40:22.14 =============== attach txt .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 8/6/2010 10:52:21 PMSystem Uptime: 1/3/2014 5:47:33 PM (1 hours ago).Motherboard: ASUSTeK Computer INC. | | P5N-DProcessor: Intel® Core2 Quad CPU Q9550 @ 2.83GHz | Socket 775 | 2833/333mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 466 GiB total, 17.52 GiB free.D: is CDROM (CDFS)E: is CDROM ()F: is CDROM ()H: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP934: 1/1/2014 5:04:44 AM - Windows UpdateRP935: 1/1/2014 5:54:46 AM - Malwarebytes Anti-Rootkit Restore PointRP936: 1/3/2014 5:38:29 AM - ComboFix created restore pointRP937: 1/3/2014 5:36:29 PM - Installed Microsoft Fix it 50267.==== Installed Programs ======================.µTorrent7-Zip 9.25 (x64 edition)Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9.5.2AIM 7Akamai NetSession InterfaceAkamai NetSession Interface Servicealien_crossfirealpha_centauriAmazon MP3 Downloader 1.0.15Amazon Unbox VideoAny Video Converter 3.3.2Apple Application SupportApple Mobile Device SupportapplicationupdaterArmA II LauncherAvernum: Escape From the PitBaldur's Gate 2 CompleteBaldur's Gate Enhanced EditionBattle for Wesnoth 1.10.6Belarc Advisor 8.1BonjourBOSSBulletStormCameraHelperMsiCD Art Display 2.0.1CDisplay 1.8Comcast High-Speed Internet Install WizardCompany of HeroesContagionCry of FearD3DX10Dear EstherDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDelverDeponiaDesktop DungeonsDesuraDivX SetupDon't StarveDota 2Dreamfall: The Longest JourneyDriver DetectiveDropboxDungeon DashersDungeon of the EndlessDungeons of DredmorEndless SpaceerLTEVGA Precision 2.0.0Expeditions - Conquistadorf.luxFallen EnchantressFallen Enchantress: Legendary HeroesFallout 3 - Game of the Year EditionFallout 3 Patch v1.5Fallout Mod Manager 0.12.6FO2 Restoration Project 2.2focus boosterFraps (remove only)Free Mouse Auto Clicker 3.1Free MP3 Cutter and Editor 2.6Frozen SynapseFTL: Faster Than LightGameRangerGameSpy ArcadeGeneforge 1Geneforge 2Geneforge 3Geneforge 4Geneforge 5GOG.com Downloader version 3.2.14Google ChromeGoogle EarthGoogle Talk (remove only)Google Talk PluginGoogle Update HelperGoToMeeting 5.1.0.880GPL MPEG-1/2 DirectShow Decoder FilterGrey 1.1.0Grim DawnHeroes of Might and Magic® III CompleteHex Workshop v6.7Hi-Rez Studios Authenticate and Update ServiceImgBurnInfantry OnlineInfested PlanetIrfanView (remove only)Jagged Alliance 2 GoldJava 7 Update 17Java 7 Update 45Java Auto UpdaterJava 6 Update 12 (64-bit)K-Lite Mega Codec Pack 10.1.5Katawa ShoujoKnights of Pen and PaperLeague of LegendsLogitech SetPoint 5.20Logitech Vid HDLogitech Webcam SoftwareLogMeIn HamachiLong Live The Queen Full Retail 1.0.3LWS FacebookLWS GalleryLWS Help_mainLWS LauncherLWS Motion DetectionLWS Pictures And VideoLWS TwitterLWS Video Mask MakerLWS VideoEffectsLWS Webcam SoftwareLWS WLM PluginLWS YouTube PluginMacro Express 3Magic ISO Maker v5.5 (build 0281)Malwarebytes Anti-Malware version 1.75.0.1300McAfee Security Scan PlusMediaMonkey 3.2Microsoft .NET Framework 4.5.1 RCMicrosoft Application Error ReportingMicrosoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)Microsoft Game Studios Common Redistributables Pack 1Microsoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005Microsoft Xbox 360 Accessories 1.2Microsoft XML ParserMicrosoft XNA Framework Redistributable 3.1Microsoft XNA Framework Redistributable 4.0 RefreshMight & Magic ® Heroes ® VIMISERY for S.T.A.L.K.E.R - Call of PripyatMount & Blade: WarbandMount & Blade: With Fire and SwordMozilla Firefox 26.0 (x86 en-US)Mozilla Maintenance ServiceMP3 Clipper and Joiner 1.0MSVCRTMumble 1.2.3My Game Long NameNEO ScavengerNetherNeverwinter Nights 2: PlatinumNexon Game ManagerNotepad++Nuclear ThroneNVIDIA 3D Vision Controller DriverNVIDIA 3D Vision Controller Driver 296.10NVIDIA 3D Vision Driver 306.97NVIDIA Control Panel 306.97NVIDIA Graphics Driver 306.97NVIDIA Install ApplicationNVIDIA PhysXNVIDIA Stereoscopic 3D DriverNVIDIA Update 1.10.8NVIDIA Update ComponentsOpenALOutlastoZone3D.Net FurMark v1.6.5Pando Media BoosterParanormalPAYDAY 2PAYDAY 2 BetaPicasa 3PingPlotter Standard 3.30.4sPixel PiracyQuickTimeRainmeter (remove only)Rapture3D 2.3.22 GameRealm of the Mad GodRisk of RainRivaTuner v2.24 MSI Master Overclocking Arena 2009 editionRunning with rifles version 0.89.1Samsung KiesSamsung Mobile phone USB driver Drive SoftwareSAMSUNG USB Driver for Mobile PhonesSang-Froid - Tales of WerewolvesScrollsSecurity Update for CAPICOM (KB931906)Sid Meier's Alpha CentauriSid Meier's Civilization V SDKSilent HillSix UpdaterSkype™ 5.8Sofonica MP3 Cutter 1.1SoftPerfect Bandwidth Manager Lite 2.9.10Songbird 1.10.1 (Build 2160)Source SDK Base 2006Source SDK Base 2007Spacebase DF-9SpeedFan (remove only)SplitCamSpotifySpybot - Search & DestroyStarboundSteamSUABnRSword of Damocles: Warlords 3.92Sword of the Stars: The PitSystem Requirements Lab CYRITeleglitch: Die More EditionTeraCopy 2.27The Binding Of IsaacThe Incredible Adventures of Van HelsingThe Longest JourneyThe Walking Dead: Season TwoThe Wolf Among UsTuneUp Utilities 2011TuneUp Utilities Language Pack (en-US)Tunngle betaUbisoft Game LauncherUnity Web PlayerUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553092)UplayUser's GuidesUxStyle Core BetaVC80CRTRedist - 8.0.50727.6195Ventrilo Client for Windows x64Veoh Giraffic Video AcceleratorVeoh Web PlayerVerizon Wireless Software Upgrade Assistant - Samsung(ar)Verizon Wireless Software Utility Application for Android - SamsungVirtualCloneDriveVLC media player 1.1.2WarframeWarhammer® 40,000®: Dawn of War® II – Retribution™Wasteland 2Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWinPcap 4.1.2WinRAR archiverWinstep Xtreme 10.9XCOM: Enemy UnknownXenonautsXSplitZafehouse: Diaries version 1.1.2.==== Event Viewer Messages From Past Week ========.1/3/2014 7:14:13 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:14:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}1/3/2014 7:14:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}1/3/2014 7:14:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}1/3/2014 7:14:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}1/3/2014 7:14:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}1/3/2014 7:13:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}1/3/2014 7:13:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ElbyCDIO MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf ws2ifsl1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.1/3/2014 7:13:33 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.1/3/2014 7:12:46 AM, Error: sptd [4] - Driver detected an internal error in its data structures for .1/3/2014 7:10:45 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.1/3/2014 5:50:13 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).1/3/2014 5:50:13 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.1/3/2014 5:48:22 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.1/3/2014 5:48:08 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.1/3/2014 5:47:44 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.1/3/2014 5:46:47 PM, Error: Service Control Manager [7023] - The WMI Performance Adapter service terminated with the following error: %%-21470248091/3/2014 5:45:42 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.1/3/2014 5:45:42 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.1/3/2014 5:45:42 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine..==== End Of File ===========================