Jump to content

bursticool

Members
 View Profile  See their activity

  • Posts

    12

  • Joined

  • Last visited

 Content Type 

Everything posted by bursticool

  1. bursticool
    This is MiniToolbox MiniToolBox by Farbar Version: 23-01-2014Ran by User (administrator) on 02-06-2014 at 20:03:30Running from "F:\"Microsoft Windows 7 Home Premium Service Pack 1 (X64)Boot Mode: Normal*************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is enabled.ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118 "Reset IE Proxy Settings": IE Proxy Settings were reset.========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)Broadcom NetLink Gigabit Ethernet = Local Area Connection (Media disconnected) # ----------------------------------# IPv4 Configuration# ----------------------------------pushd interface ipv4 resetset global icmpredirects=enabled popd# End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : User-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter Physical Address. . . . . . . . . : 88-9F-FA-5F-82-F2 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::97d:9224:5569:f907%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Monday, 2 June 2014 4:51:06 PM Lease Expires . . . . . . . . . . : Monday, 2 June 2014 8:53:11 PM Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 193503226 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-30-00-11-1C-75-08-E9-12-CE DNS Servers . . . . . . . . . . . : 198.142.0.51 211.29.132.12 198.142.235.14 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : BigPond Description . . . . . . . . . . . : Broadcom NetLink Gigabit Ethernet Physical Address. . . . . . . . . : 1C-75-08-E9-12-CE DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : YesServer: dns.mel.optusnet.com.auAddress: 198.142.0.51 Name: google.comAddresses: 2404:6800:4006:806::1009 74.125.237.130 74.125.237.128 74.125.237.131 74.125.237.136 74.125.237.135 74.125.237.133 74.125.237.132 74.125.237.137 74.125.237.134 74.125.237.129 74.125.237.142 Pinging google.com [74.125.237.197] with 32 bytes of data:Reply from 74.125.237.197: bytes=32 time=28ms TTL=52Reply from 74.125.237.197: bytes=32 time=34ms TTL=52 Ping statistics for 74.125.237.197: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 28ms, Maximum = 34ms, Average = 31msServer: dns.mel.optusnet.com.auAddress: 198.142.0.51 Name: yahoo.comAddresses: 98.138.253.109 98.139.183.24 206.190.36.45 Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=298ms TTL=45Reply from 98.139.183.24: bytes=32 time=292ms TTL=45 Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 292ms, Maximum = 298ms, Average = 295ms Pinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List 11...88 9f fa 5f 82 f2 ......Atheros AR5B97 Wireless Network Adapter 10...1c 75 08 e9 12 ce ......Broadcom NetLink Gigabit Ethernet 1...........................Software Loopback Interface 1=========================================================================== IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.12 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.0 On-link 192.168.0.12 281 192.168.0.12 255.255.255.255 On-link 192.168.0.12 281 192.168.0.255 255.255.255.255 On-link 192.168.0.12 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.0.12 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.0.12 281===========================================================================Persistent Routes: None IPv6 Route Table===========================================================================Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 11 281 fe80::/64 On-link 11 281 fe80::97d:9224:5569:f907/128 On-link 1 306 ff00::/8 On-link 11 281 ff00::/8 On-link===========================================================================Persistent Routes: If Metric Network Destination Gateway 0 4294967295 2620:9b::/96 On-link 0 9000 ::/0 2620:9b::1900:1==================================================================================================== Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors:==================Error: (06/02/2014 06:43:53 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (06/02/2014 05:11:52 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 12183 Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 12183 Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 11169 Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 11169 Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/02/2014 00:02:21 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 10155 Error: (06/02/2014 00:02:21 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 10155 System errors:=============Error: (06/02/2014 05:45:35 PM) (Source: volsnap) (User: )Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error: (06/01/2014 10:18:38 PM) (Source: DCOM) (User: )Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions:=========================Error: (06/02/2014 06:43:53 PM) (Source: SideBySide)(User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (06/02/2014 05:11:52 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\esetsmartinstaller_enu.exe Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 12183 Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 12183 Error: (06/02/2014 00:02:23 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 11169 Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 11169 Error: (06/02/2014 00:02:22 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/02/2014 00:02:21 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 10155 Error: (06/02/2014 00:02:21 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 10155 CodeIntegrity Errors:=================================== Date: 2014-05-31 14:53:40.069 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-05-31 14:53:39.979 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================ 7-Zip 9.20Acer Backup Manager (Version: 3.0.0.69)Acer Crystal Eye Webcam (Version: 1.0.1306)Acer ePower Management (Version: 6.00.3002)Acer eRecovery Management (Version: 5.00.3002)Acer GameZone Console (Version: 6.1.0.9)Acer Registration (Version: 1.03.3003)Acer ScreenSaver (Version: 1.1.1130.2010)Acer Updater (Version: 1.02.3001)Acrobat.com (Version: 1.6.65)Addon Sync 2009 (Version: 1.0.67)Adobe AIR (Version: 1.5.0.7220)Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)Adobe Flash Player 13 Plugin (Version: 13.0.0.214)Adobe Reader 9.1 MUI (Version: 9.1.0)Adobe Shockwave Player 12.0 (Version: 12.0.7.148)Apple Application Support (Version: 2.3.6)Apple Mobile Device Support (Version: 7.0.0.117)Apple Software Update (Version: 2.1.3.127)Arma 2: Operation Arrowhead BetaArma 3 Alphaavast! Free Antivirus (Version: 8.0.1489.0)Backup Manager V3 (Version: 3.0.0.69)Battlefield 3ô (Version: 1.6.0.0)Battlefield 4ô Beta (Version: 1.0.0.0)Battleground EuropeBattlelog Web Plugins (Version: 2.3.2)BattlEye for OA UninstallBattlEye UninstallBlacklight: RetributionBluetooth Win7 Suite (64) (Version: 7.2.0.56)Bonjour (Version: 3.0.0.10)Broadcom Card Reader Driver Installer (Version: 14.6.1.2)Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)Burnout Paradise: The Ultimate BoxCall of Duty: Black Ops II - MultiplayerCall of Duty: Modern Warfare 2 - MultiplayerChivalry: Medieval WarfareChivalry: Medieval Warfare Betaclear.fi (Version: 1.0.1229.00)clear.fi (Version: 9.0.7209)clear.fi Client (Version: 1.00.3008)Counter-Strike: Global OffensiveCounter-Strike: SourceCrysis 2 Maximum EditionD3DX10 (Version: 15.4.2368.0902)DayZDayZ Commander (Version: 0.92.83)DivX Setup (Version: 2.6.1.44)Dota 2Dream Day First HomeESN Sonar (Version: 0.70.4)eSobi v2 (Version: 2.0.4.000274)ETDWare PS/2-X64 8.0.6.0_WHQL (Version: 8.0.6.0)Fistful of FragsFree to PlayFrhed 1.6.0 (Version: 1.6.0)GalapagoGarry's ModGeForce Experience NvStream Client Components (Version: 1.6.28)Google Chrome (Version: 35.0.1916.114)Google Update Helper (Version: 1.3.24.7)Grand Theft Auto IVGrand Theft Auto: Episodes from Liberty CityHeroes & Generals (Version: 1.0.6.1)Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)Identity Card (Version: 1.00.3003)InsurgencyIntel® Control Center (Version: 1.2.1.1007)Intel® Management Engine Components (Version: 7.0.0.1144)Intel® Processor Graphics (Version: 8.15.10.2291)Intel® Rapid Storage Technology (Version: 10.0.0.1046)Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.0.82.0)iTunes (Version: 11.1.3.8)Java 7 Update 25 (Version: 7.0.250)Java Auto Updater (Version: 2.1.9.5)Junk Mail filter update (Version: 15.4.3502.0922)Just Cause 2: Multiplayer ModLaunch Manager (Version: 5.1.3)Left 4 Dead 2Malwarebytes Anti-Malware version 2.0.2.1012 (Version: 2.0.2.1012)Media Watch (Version: 1.1)MediaEspresso (Version: 1.0.1210_33255)Merriam Websters Spell JamMesh Runtime (Version: 15.4.5722.2)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Chart Controls for Microsoft .NET Framework 3.5 (Version: 3.5.30730.0)Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)Microsoft Games for Windows Marketplace (Version: 3.5.50.0)Microsoft Office 2010 (Version: 14.0.4763.1000)Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)Microsoft PowerPoint Viewer (Version: 14.0.7015.1000)Microsoft Silverlight (Version: 5.1.30214.0)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)Mirror's EdgeMSVCRT (Version: 15.4.2862.0708)MSVCRT_amd64 (Version: 15.4.2862.0708)Mumble 1.2.4 (Version: 1.2.4)MyWinLocker (Version: 4.0.14.11)MyWinLocker 4 (Version: 4.0.14.11)MyWinLocker Suite (Version: 4.0.14.11)Nexon Game ManagerNTI Media Maker 9 (Version: 9.0.2.8939)NVIDIA Control Panel 334.89 (Version: 334.89)NVIDIA GeForce Experience 1.8.2.1 (Version: 1.8.2.1)NVIDIA Graphics Driver 334.89 (Version: 334.89)NVIDIA Install Application (Version: 2.1002.147.1067)NVIDIA LED Visualizer 1.0 (Version: 1.0)NVIDIA Network Service (Version: 1.0)NVIDIA Optimus Update 11.10.13 (Version: 11.10.13)NVIDIA PhysX (Version: 9.13.1220)NVIDIA PhysX System Software 9.13.1220 (Version: 9.13.1220)NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13)NVIDIA Update 11.10.13 (Version: 11.10.13)NVIDIA Update Core (Version: 11.10.13)NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20)OpenALOrigin (Version: 9.1.15.109)PFPortChecker 1.0.39 (Version: 1.0.39)PlanetSide 2PunkBuster Services (Version: 0.993)RAMDisk (Version: 4.4.0.31)Realtek High Definition Audio Driver (Version: 6.0.1.6276)Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)Rising Storm/Red Orchestra 2 MultiplayerROBLOX Player for UserRustSHIELD Streaming (Version: 1.7.321)Shredder (Version: 2.0.8.7)Skype Click to Call (Version: 7.2.15747.10003)Skypeô 6.16 (Version: 6.16.105)Sleeping DogsôSniper Elite V2Sniper Elite: Nazi Zombie ArmySource SDKSource SDK Base 2006Steam (Version: 1.0.0.0)swMSM (Version: 12.0.0.1)System Update kb70007 (Version: 1.0.0)Tactical InterventionTeam Fortress 2TeamSpeak 3 Client (Version: 3.0.11)Tom Clancy's Ghost Recon Phantoms - NATribes: AscendUnity Web Player (Version: )VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)Video Player (Version: 1.1)War ThunderWar Thunder Launcher 1.0.1.199WarframeWelcome Center (Version: 1.02.3007)Windows Live Communications Platform (Version: 15.4.3502.0922)Windows Live Essentials (Version: 15.4.3502.0922)Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)Windows Live Installer (Version: 15.4.3502.0922)Windows Live Language Selector (Version: 15.4.3502.0922)Windows Live Mail (Version: 15.4.3502.0922)Windows Live Mesh (Version: 15.4.3502.0922)Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)Windows Live Messenger (Version: 15.4.3502.0922)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (Version: 15.4.3502.0922)Windows Live Photo Common (Version: 15.4.3502.0922)Windows Live Photo Gallery (Version: 15.4.3502.0922)Windows Live PIMT Platform (Version: 15.4.3502.0922)Windows Live Remote Client (Version: 15.4.5722.2)Windows Live Remote Client Resources (Version: 15.4.5722.2)Windows Live Remote Service (Version: 15.4.5722.2)Windows Live Remote Service Resources (Version: 15.4.5722.2)Windows Live SOXE (Version: 15.4.3502.0922)Windows Live SOXE Definitions (Version: 15.4.3502.0922)Windows Live UX Platform (Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)Windows Live Writer (Version: 15.4.3502.0922)Windows Live Writer Resources (Version: 15.4.3502.0922)WinRAR 4.20 (32-bit) (Version: 4.20.0)World of Tanks ========================= Devices: ================================ Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ========================= Memory info: =================================== Percentage of memory in use: 79%Total physical RAM: 8043.86 MBAvailable physical RAM: 1658.93 MBTotal Pagefile: 16085.9 MBAvailable Pagefile: 9754.38 MBTotal Virtual: 4095.88 MBAvailable Virtual: 3978.22 MB ========================= Partitions: ===================================== 1 Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:187.42 GB) NTFS3 Drive e: (CMW) (Fixed) (Total:3.99 GB) (Free:3.99 GB) FAT324 Drive f: () (Removable) (Total:15.1 GB) (Free:13.62 GB) FAT32 ========================= Users: ======================================== User accounts for \\USER-PC Administrator Guest User ========================= Minidump Files ================================== No minidump file found ========================= Restore Points ================================== 02-06-2014 08:47:06 Scheduled Checkpoint **** End of log **** this is Farbar Service Scanner ============= Firewall Disabled Policy: ==================[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall"=DWORD:0 System Restore:============ System Restore Disabled Policy: ======================== Action Center:============ Windows Update:============ Windows Autoupdate Disabled Policy: ============================ Windows Defender:============== Other Services:============== File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys => MD5 is legitC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys => MD5 is legitC:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll => MD5 is legitC:\Windows\System32\bfe.dll => MD5 is legitC:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll => MD5 is legitC:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll => MD5 is legitC:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll => MD5 is legitC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** Im really confused Kevin, after all these programs and scans, i still can't access internet Websites or can't update games, Do you know what is happening???
  2. bursticool
    Ran the Rogue Killer And I'm pretty sure i deleted all the Registry files you told me to delete, Maybe a bit more but no improvement, Still can't access Internet Sites. I tried to download the ESET thing but the only thing i could download was SmartScanner and even after i moved that over to my computer, i was unable to run it due to another Proxy Error. Anyway here is the RogueKiller Logs RogueKiller V9.0.0.0 (x64) [May 29 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : User [Admin rights]Mode : Remove -- Date : 06/02/2014 17:07:20 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 48 ¤¤¤[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1120-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1120-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> REPLACED (0)[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> DELETED[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> DELETED[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> DELETED[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1120-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1120-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> ERROR [2][PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> DELETED[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> DELETED[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2][PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2][PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2][PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 1 ¤¤¤[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost ¤¤¤ Antirootkit : 126 ¤¤¤[EAT:Addr] (explorer.exe) COMDLG32.dll - AsyncGetClassBits : C:\Windows\system32\urlmon.dll @ 0x7fefe9270b0[EAT:Addr] (explorer.exe) COMDLG32.dll - AsyncInstallDistributionUnit : C:\Windows\system32\urlmon.dll @ 0x7fefe927210[EAT:Addr] (explorer.exe) COMDLG32.dll - BindAsyncMoniker : C:\Windows\system32\urlmon.dll @ 0x7fefe911f90[EAT:Addr] (explorer.exe) COMDLG32.dll - CDLGetLongPathNameA : C:\Windows\system32\urlmon.dll @ 0x7fefe9278d0[EAT:Addr] (explorer.exe) COMDLG32.dll - CDLGetLongPathNameW : C:\Windows\system32\urlmon.dll @ 0x7fefe9278e8[EAT:Addr] (explorer.exe) COMDLG32.dll - CORPolicyProvider : C:\Windows\system32\urlmon.dll @ 0x7fefe911674[EAT:Addr] (explorer.exe) COMDLG32.dll - CoGetClassObjectFromURL : C:\Windows\system32\urlmon.dll @ 0x7fefe9273fc[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInstall : C:\Windows\system32\urlmon.dll @ 0x7fefe927460[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCanonicalizeIUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8d5660[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCombineIUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8d80a0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCombineUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe8c46a4[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCombineUrlEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8c43c0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCompareUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe915280[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCreateSecurityManager : C:\Windows\system32\urlmon.dll @ 0x7fefe891ee0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetCreateZoneManager : C:\Windows\system32\urlmon.dll @ 0x7fefe8a0810[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetFeatureSettingsChanged : C:\Windows\system32\urlmon.dll @ 0x7fefe950284[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetGetProtocolFlags : C:\Windows\system32\urlmon.dll @ 0x7fefe91537c[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetGetSecurityUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe9153d0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetGetSecurityUrlEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8d9cd0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetGetSession : C:\Windows\system32\urlmon.dll @ 0x7fefe892460[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetIsFeatureEnabled : C:\Windows\system32\urlmon.dll @ 0x7fefe8d8dc0[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetIsFeatureEnabledForIUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8d51b8[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetIsFeatureEnabledForUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe8d1820[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetIsFeatureZoneElevationEnabled : C:\Windows\system32\urlmon.dll @ 0x7fefe91586c[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetParseIUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8c56a8[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetParseUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe8a1490[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetQueryInfo : C:\Windows\system32\urlmon.dll @ 0x7fefe8d7c50[EAT:Addr] (explorer.exe) COMDLG32.dll - CoInternetSetFeatureEnabled : C:\Windows\system32\urlmon.dll @ 0x7fefe915af4[EAT:Addr] (explorer.exe) COMDLG32.dll - CompareSecurityIds : C:\Windows\system32\urlmon.dll @ 0x7fefe8ad1a4[EAT:Addr] (explorer.exe) COMDLG32.dll - CompatFlagsFromClsid : C:\Windows\system32\urlmon.dll @ 0x7fefe8d4044[EAT:Addr] (explorer.exe) COMDLG32.dll - CopyBindInfo : C:\Windows\system32\urlmon.dll @ 0x7fefe923020[EAT:Addr] (explorer.exe) COMDLG32.dll - CopyStgMedium : C:\Windows\system32\urlmon.dll @ 0x7fefe89ba0c[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateAsyncBindCtx : C:\Windows\system32\urlmon.dll @ 0x7fefe8e86c0[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateAsyncBindCtxEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8d3d14[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateFormatEnumerator : C:\Windows\system32\urlmon.dll @ 0x7fefe8b68e0[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateIUriBuilder : C:\Windows\system32\urlmon.dll @ 0x7fefe893660[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateURLMoniker : C:\Windows\system32\urlmon.dll @ 0x7fefe8eccf4[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateURLMonikerEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8978d0[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateURLMonikerEx2 : C:\Windows\system32\urlmon.dll @ 0x7fefe8d40f0[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8916f0[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateUriFromMultiByteString : C:\Windows\system32\urlmon.dll @ 0x7fefe911ee4[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateUriPriv : C:\Windows\system32\urlmon.dll @ 0x7fefe911ef8[EAT:Addr] (explorer.exe) COMDLG32.dll - CreateUriWithFragment : C:\Windows\system32\urlmon.dll @ 0x7fefe911f40[EAT:Addr] (explorer.exe) COMDLG32.dll - DllCanUnloadNow : C:\Windows\system32\urlmon.dll @ 0x7fefe891600[EAT:Addr] (explorer.exe) COMDLG32.dll - DllGetClassObject : C:\Windows\system32\urlmon.dll @ 0x7fefe8dab3c[EAT:Addr] (explorer.exe) COMDLG32.dll - DllInstall : C:\Windows\system32\urlmon.dll @ 0x7fefe912458[EAT:Addr] (explorer.exe) COMDLG32.dll - DllRegisterServer : C:\Windows\system32\urlmon.dll @ 0x7fefe912464[EAT:Addr] (explorer.exe) COMDLG32.dll - DllRegisterServerEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8ee070[EAT:Addr] (explorer.exe) COMDLG32.dll - DllUnregisterServer : C:\Windows\system32\urlmon.dll @ 0x7fefe912470[EAT:Addr] (explorer.exe) COMDLG32.dll - Extract : C:\Windows\system32\urlmon.dll @ 0x7fefe927f74[EAT:Addr] (explorer.exe) COMDLG32.dll - FaultInIEFeature : C:\Windows\system32\urlmon.dll @ 0x7fefe928fe8[EAT:Addr] (explorer.exe) COMDLG32.dll - FileBearsMarkOfTheWeb : C:\Windows\system32\urlmon.dll @ 0x7fefe8c6b60[EAT:Addr] (explorer.exe) COMDLG32.dll - FindMediaType : C:\Windows\system32\urlmon.dll @ 0x7fefe912e9c[EAT:Addr] (explorer.exe) COMDLG32.dll - FindMediaTypeClass : C:\Windows\system32\urlmon.dll @ 0x7fefe8b6080[EAT:Addr] (explorer.exe) COMDLG32.dll - FindMimeFromData : C:\Windows\system32\urlmon.dll @ 0x7fefe8d50bc[EAT:Addr] (explorer.exe) COMDLG32.dll - GetAddSitesFileUrl : C:\Windows\system32\urlmon.dll @ 0x7fefe9502b0[EAT:Addr] (explorer.exe) COMDLG32.dll - GetClassFileOrMime : C:\Windows\system32\urlmon.dll @ 0x7fefe8eb8ec[EAT:Addr] (explorer.exe) COMDLG32.dll - GetClassURL : C:\Windows\system32\urlmon.dll @ 0x7fefe912074[EAT:Addr] (explorer.exe) COMDLG32.dll - GetComponentIDFromCLSSPEC : C:\Windows\system32\urlmon.dll @ 0x7fefe9292e8[EAT:Addr] (explorer.exe) COMDLG32.dll - GetIDNFlagsForUri : C:\Windows\system32\urlmon.dll @ 0x7fefe8ac7f0[EAT:Addr] (explorer.exe) COMDLG32.dll - GetIUriPriv : C:\Windows\system32\urlmon.dll @ 0x7fefe911f60[EAT:Addr] (explorer.exe) COMDLG32.dll - GetIUriPriv2 : C:\Windows\system32\urlmon.dll @ 0x7fefe911f50[EAT:Addr] (explorer.exe) COMDLG32.dll - GetLabelsFromNamedHost : C:\Windows\system32\urlmon.dll @ 0x7fefe958b54[EAT:Addr] (explorer.exe) COMDLG32.dll - GetMarkOfTheWeb : C:\Windows\system32\urlmon.dll @ 0x7fefe949390[EAT:Addr] (explorer.exe) COMDLG32.dll - GetPortFromUrlScheme : C:\Windows\system32\urlmon.dll @ 0x7fefe911e94[EAT:Addr] (explorer.exe) COMDLG32.dll - GetPropertyFromName : C:\Windows\system32\urlmon.dll @ 0x7fefe911ea4[EAT:Addr] (explorer.exe) COMDLG32.dll - GetPropertyName : C:\Windows\system32\urlmon.dll @ 0x7fefe911eb4[EAT:Addr] (explorer.exe) COMDLG32.dll - GetSoftwareUpdateInfo : C:\Windows\system32\urlmon.dll @ 0x7fefe8ee070[EAT:Addr] (explorer.exe) COMDLG32.dll - GetUrlmonThreadNotificationHwnd : C:\Windows\system32\urlmon.dll @ 0x7fefe8edeb4[EAT:Addr] (explorer.exe) COMDLG32.dll - GetZoneFromAlternateDataStreamEx : C:\Windows\system32\urlmon.dll @ 0x7fefe896d90[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkGoBack : C:\Windows\system32\urlmon.dll @ 0x7fefe946e78[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkGoForward : C:\Windows\system32\urlmon.dll @ 0x7fefe946f24[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkNavigateMoniker : C:\Windows\system32\urlmon.dll @ 0x7fefe946fd0[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkNavigateString : C:\Windows\system32\urlmon.dll @ 0x7fefe947004[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkSimpleNavigateToMoniker : C:\Windows\system32\urlmon.dll @ 0x7fefe947038[EAT:Addr] (explorer.exe) COMDLG32.dll - HlinkSimpleNavigateToString : C:\Windows\system32\urlmon.dll @ 0x7fefe9475e8[EAT:Addr] (explorer.exe) COMDLG32.dll - IECompatLogCSSFix : C:\Windows\system32\urlmon.dll @ 0x7fefe9212fc[EAT:Addr] (explorer.exe) COMDLG32.dll - IEDllLoader : C:\Windows\system32\urlmon.dll @ 0x7fefe9126f0[EAT:Addr] (explorer.exe) COMDLG32.dll - IEGetUserPrivateNamespaceName : C:\Windows\system32\urlmon.dll @ 0x7fefe923244[EAT:Addr] (explorer.exe) COMDLG32.dll - IEInstallScope : C:\Windows\system32\urlmon.dll @ 0x7fefe927554[EAT:Addr] (explorer.exe) COMDLG32.dll - IntlPercentEncodeNormalize : C:\Windows\system32\urlmon.dll @ 0x7fefe911f70[EAT:Addr] (explorer.exe) COMDLG32.dll - IsAsyncMoniker : C:\Windows\system32\urlmon.dll @ 0x7fefe8d21fc[EAT:Addr] (explorer.exe) COMDLG32.dll - IsDWORDProperty : C:\Windows\system32\urlmon.dll @ 0x7fefe911ec4[EAT:Addr] (explorer.exe) COMDLG32.dll - IsIntranetAvailable : C:\Windows\system32\urlmon.dll @ 0x7fefe950668[EAT:Addr] (explorer.exe) COMDLG32.dll - IsJITInProgress : C:\Windows\system32\urlmon.dll @ 0x7fefe8ab328[EAT:Addr] (explorer.exe) COMDLG32.dll - IsLoggingEnabledA : C:\Windows\system32\urlmon.dll @ 0x7fefe94855c[EAT:Addr] (explorer.exe) COMDLG32.dll - IsLoggingEnabledW : C:\Windows\system32\urlmon.dll @ 0x7fefe948688[EAT:Addr] (explorer.exe) COMDLG32.dll - IsStringProperty : C:\Windows\system32\urlmon.dll @ 0x7fefe911ed4[EAT:Addr] (explorer.exe) COMDLG32.dll - IsValidURL : C:\Windows\system32\urlmon.dll @ 0x7fefe8c7610[EAT:Addr] (explorer.exe) COMDLG32.dll - MkParseDisplayNameEx : C:\Windows\system32\urlmon.dll @ 0x7fefe8e92f0[EAT:Addr] (explorer.exe) COMDLG32.dll - ObtainUserAgentString : C:\Windows\system32\urlmon.dll @ 0x7fefe91dce0[EAT:Addr] (explorer.exe) COMDLG32.dll - PrivateCoInstall : C:\Windows\system32\urlmon.dll @ 0x7fefe927560[EAT:Addr] (explorer.exe) COMDLG32.dll - QueryAssociations : C:\Windows\system32\urlmon.dll @ 0x7fefe8ae9c0[EAT:Addr] (explorer.exe) COMDLG32.dll - QueryClsidAssociation : C:\Windows\system32\urlmon.dll @ 0x7fefe920a8c[EAT:Addr] (explorer.exe) COMDLG32.dll - RegisterBindStatusCallback : C:\Windows\system32\urlmon.dll @ 0x7fefe8cf600[EAT:Addr] (explorer.exe) COMDLG32.dll - RegisterFormatEnumerator : C:\Windows\system32\urlmon.dll @ 0x7fefe8d1c6c[EAT:Addr] (explorer.exe) COMDLG32.dll - RegisterMediaTypeClass : C:\Windows\system32\urlmon.dll @ 0x7fefe9120c0[EAT:Addr] (explorer.exe) COMDLG32.dll - RegisterMediaTypes : C:\Windows\system32\urlmon.dll @ 0x7fefe912210[EAT:Addr] (explorer.exe) COMDLG32.dll - RegisterWebPlatformPermanentSecurityManager : C:\Windows\system32\urlmon.dll @ 0x7fefe8c8c54[EAT:Addr] (explorer.exe) COMDLG32.dll - ReleaseBindInfo : C:\Windows\system32\urlmon.dll @ 0x7fefe897d40[EAT:Addr] (explorer.exe) COMDLG32.dll - RevokeBindStatusCallback : C:\Windows\system32\urlmon.dll @ 0x7fefe8cfbf0[EAT:Addr] (explorer.exe) COMDLG32.dll - RevokeFormatEnumerator : C:\Windows\system32\urlmon.dll @ 0x7fefe9122cc[EAT:Addr] (explorer.exe) COMDLG32.dll - SetAccessForIEAppContainer : C:\Windows\system32\urlmon.dll @ 0x7fefe923258[EAT:Addr] (explorer.exe) COMDLG32.dll - SetSoftwareUpdateAdvertisementState : C:\Windows\system32\urlmon.dll @ 0x7fefe8ee070[EAT:Addr] (explorer.exe) COMDLG32.dll - ShouldDisplayPunycodeForUri : C:\Windows\system32\urlmon.dll @ 0x7fefe91de50[EAT:Addr] (explorer.exe) COMDLG32.dll - ShouldShowIntranetWarningSecband : C:\Windows\system32\urlmon.dll @ 0x7fefe8d3a3c[EAT:Addr] (explorer.exe) COMDLG32.dll - ShowTrustAlertDialog : C:\Windows\system32\urlmon.dll @ 0x7fefe950820[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadA : C:\Windows\system32\urlmon.dll @ 0x7fefe915cc4[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadToCacheFileA : C:\Windows\system32\urlmon.dll @ 0x7fefe947d9c[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadToCacheFileW : C:\Windows\system32\urlmon.dll @ 0x7fefe8ba0c4[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadToFileA : C:\Windows\system32\urlmon.dll @ 0x7fefe947f10[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadToFileW : C:\Windows\system32\urlmon.dll @ 0x7fefe8befd0[EAT:Addr] (explorer.exe) COMDLG32.dll - URLDownloadW : C:\Windows\system32\urlmon.dll @ 0x7fefe915d78[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenBlockingStreamA : C:\Windows\system32\urlmon.dll @ 0x7fefe948058[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenBlockingStreamW : C:\Windows\system32\urlmon.dll @ 0x7fefe948138[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenPullStreamA : C:\Windows\system32\urlmon.dll @ 0x7fefe94821c[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenPullStreamW : C:\Windows\system32\urlmon.dll @ 0x7fefe9482e0[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenStreamA : C:\Windows\system32\urlmon.dll @ 0x7fefe948408[EAT:Addr] (explorer.exe) COMDLG32.dll - URLOpenStreamW : C:\Windows\system32\urlmon.dll @ 0x7fefe9484d0[EAT:Addr] (explorer.exe) COMDLG32.dll - UnregisterWebPlatformPermanentSecurityManager : C:\Windows\system32\urlmon.dll @ 0x7fefe8ec9b4[EAT:Addr] (explorer.exe) COMDLG32.dll - UrlMkBuildVersion : C:\Windows\system32\urlmon.dll @ 0x7fefe912804[EAT:Addr] (explorer.exe) COMDLG32.dll - UrlMkGetSessionOption : C:\Windows\system32\urlmon.dll @ 0x7fefe8a3e60[EAT:Addr] (explorer.exe) COMDLG32.dll - UrlMkSetSessionOption : C:\Windows\system32\urlmon.dll @ 0x7fefe8cd0e4[EAT:Addr] (explorer.exe) COMDLG32.dll - UrlmonCleanupCurrentThread : C:\Windows\system32\urlmon.dll @ 0x7fefe8ba27c[EAT:Addr] (explorer.exe) COMDLG32.dll - WriteHitLogging : C:\Windows\system32\urlmon.dll @ 0x7fefe9485d0[EAT:Addr] (explorer.exe) COMDLG32.dll - ZonesReInit : C:\Windows\system32\urlmon.dll @ 0x7fefe949c30 ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤+++++ PhysicalDrive0: +++++--- User ---[MBR] be4c91603da601c79490ed07cee8bce6[bSP] 8959d8120d88dd96332e99c0f7508d0a : Unknown MBR CodePartition table:0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 4091 MBError reading LL1 MBR! ([1] Incorrect function. )Error reading LL2 MBR! ([1] Incorrect function. ) +++++ PhysicalDrive1: TOSHIBA MK7559GSXP +++++--- User ---[MBR] 54fcac12789d03f1198099835339d8b1[bSP] 2868f8b70c57eaf3d5b45bb628d8e0e8 : Windows Vista/7/8 MBR CodePartition table:0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 699942 MBUser = LL1 ... OKUser = LL2 ... OK ============================================RKreport_SCN_06012014_222108.log - RKreport_SCN_06012014_234456.log - RKreport_DEL_06012014_234609.log - RKreport_SCN_06022014_170035.log Im hoping this doesn't have to go to a Factory Default. Do your best Kevin
  3. bursticool
    Before i do the following steps, After RogueKiller, Will i be able to access the internet? Because the next steps requires being able to get onto the website eset. Slightly Confused
  4. bursticool
    I only have the options Scan, Delete and Report on the side, it does say Adlice Software
  5. bursticool
    Rogue Killer* i can't seem to find proxyFix on it
  6. bursticool
    This is for Rogue Fix correct?
  7. bursticool
    # AdwCleaner v3.211 - Report created 01/06/2014 at 21:49:40 # Updated 26/05/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : User - USER-PC # Running from : C:\Users\User\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\apn Folder Deleted : C:\ProgramData\WPM Folder Deleted : C:\Program Files (x86)\Mobogenie Folder Deleted : C:\Program Files (x86)\MSR Folder Deleted : C:\Program Files (x86)\SecretSauce Folder Deleted : C:\Program Files (x86)\VideoPlayerV3 Folder Deleted : C:\Program Files\003 Folder Deleted : C:\Program Files\Uninstaller Folder Deleted : C:\Users\User\AppData\Local\genienext Folder Deleted : C:\Users\User\AppData\Local\Mobogenie Folder Deleted : C:\Users\User\AppData\Local\SwvUpdater Folder Deleted : C:\Users\User\AppData\Roaming\SupTab Folder Deleted : C:\Users\User\AppData\Roaming\v9 Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com Folder Deleted : C:\Users\User\Documents\Mobogenie File Deleted : C:\Users\User\daemonprocess.txt File Deleted : C:\Users\User\Desktop\TornTV.lnk ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\Software Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\Software\MediaViewV1 Key Deleted : HKLM\Software\MediaWatchV1 Key Deleted : HKLM\Software\SupTab Key Deleted : HKLM\Software\supWPM Key Deleted : HKLM\Software\Uniblue Key Deleted : HKLM\Software\V9Software Key Deleted : HKLM\Software\Wpm Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\v9 uninstaller Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] -\\ Google Chrome v35.0.1916.114 [ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma ************************* AdwCleaner[R0].txt - [7873 octets] - [01/06/2014 21:48:49] AdwCleaner[s0].txt - [7075 octets] - [01/06/2014 21:49:40] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7135 octets] ########## Thats the ADWARE This is JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by User on Sun 01/06/2014 at 21:58:21.09 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\sho6113.tmp Successfully deleted: [File] C:\Windows\syswow64\sho9A64.tmp Successfully deleted: [File] C:\Windows\syswow64\shoA84F.tmp Successfully deleted: [File] C:\Windows\syswow64\shoDB57.tmp Successfully deleted: [File] C:\Windows\syswow64\shoDD55.tmp ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\boost_interprocess" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 01/06/2014 at 22:05:05.19 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ And this is Rogue RogueKiller V9.0.0.0 (x64) [May 29 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : User [Admin rights] Mode : Scan -- Date : 06/01/2014 22:21:08 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 26 ¤¤¤ [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2127809028-18669728-1403974004-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 1 ¤¤¤ [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost ¤¤¤ Antirootkit : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] be4c91603da601c79490ed07cee8bce6 [bSP] 8959d8120d88dd96332e99c0f7508d0a : Unknown MBR Code Partition table: 0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 4091 MB Error reading LL1 MBR! ([1] Incorrect function. ) Error reading LL2 MBR! ([1] Incorrect function. ) +++++ PhysicalDrive1: TOSHIBA MK7559GSXP +++++ --- User --- [MBR] 54fcac12789d03f1198099835339d8b1 [bSP] 2868f8b70c57eaf3d5b45bb628d8e0e8 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 699942 MB User = LL1 ... OK User = LL2 ... OK There u go Kevin
  8. bursticool
    file://localhost/Volumes/LUCIA%20USB/AdwCleaner%5BS0%5D.txtfile://localhost/Volumes/LUCIA%20USB/RKreport_SCN_06012014_222108.logfile://localhost/Volumes/LUCIA%20USB/RKreport_SCN_06012014_222108.logfile://localhost/Volumes/LUCIA%20USB/JRT.txtfile://localhost/Volumes/LUCIA%20USB/JRT.txt There you go kevin
  9. bursticool
    Alright, here is the fix log Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-05-2014Ran by User at 2014-06-01 12:11:25 Run:1Running from C:\Users\User\DesktopBoot Mode: Normal============================================== Content of fixlist:*****************StartGroupPolicy: Group Policy on Chrome detected <======= ATTENTIONProxyEnable: Internet Explorer proxy is enabled.ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No FileBHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No FileToolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No FileToolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No FileS2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]C:\Program Files\AVAST SoftwareS2 aswFsBlk; No ImagePathS0 aswRvrt; No ImagePathS1 aswSnx; No ImagePathS1 aswSP; No ImagePathS1 aswTdi; No ImagePathS0 aswVmm; No ImagePathS2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [X]S1 aswRdr; \SystemRoot\System32\Drivers\aswrdr2.sys [X]U3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]Task: {40296B7F-3651-4D7B-9215-6258E924EDB2} - \avast! Emergency Update No Task File <==== ATTENTIONAlternateDataStreams: C:\ProgramData\Temp:373E1720AlternateDataStreams: C:\ProgramData\Temp:4D066AD2End***************** C:\Windows\system32\GroupPolicy\Machine => Moved successfully.C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key deleted successfully.HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value deleted successfully.HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Value deleted successfully.HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Key not found.avast! Antivirus => Service deleted successfully.C:\Program Files\AVAST Software => Moved successfully.aswFsBlk => Service deleted successfully.aswRvrt => Service deleted successfully.aswSnx => Service deleted successfully.aswSP => Service deleted successfully.aswTdi => Service deleted successfully.aswVmm => Service deleted successfully.aswMonFlt => Service deleted successfully.aswRdr => Service deleted successfully.catchme => Service deleted successfully.EagleX64 => Service deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40296B7F-3651-4D7B-9215-6258E924EDB2} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40296B7F-3651-4D7B-9215-6258E924EDB2} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update => Key deleted successfully.C:\ProgramData\Temp => ":373E1720" ADS removed successfully.C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully. The system needed a reboot. ==== End of Fixlog ==== And this is the Application Log Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 1/06/2014Scan Time: 12:24:29 PMLogfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.06.01.01Rootkit Database: v2014.05.21.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: User Scan Type: Threat ScanResult: CompletedObjects Scanned: 308958Time Elapsed: 9 min, 52 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 3PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bjgglmlkdploojalfbafjcjekegbhnnp, Quarantined, [0441c4af08734bebcba21e707d85cd33], PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cjghblamigilmnljeglhdjiclkdkkioh, Quarantined, [6ed72f442259a2949ad43a54de241ae6], PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pmjmkdehijlakmlfpknbaigdpigeblom, Quarantined, [23229dd6ec8f6bcb98d72c6259a915eb], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 3PUP.Optional.V9.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "search_url": "http://search.v9.com/web/?type=dspp&ts=1400911864&from=irs&uid=3219913727_132775_4098815B&i=psd&t=343022fb4&q={searchTerms}",), Replaced,[2f16fe757407fd392858bcd0bd47837d] PUP.Optional.V9.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.v9.com/?type=hp&ts=1400664578&from=irs&uid=3219913727_132775_4098815B&i=psd&t=342dc7415",), Replaced,[261fec87c5b64fe77042ef9ebc48867a] PUP.Optional.V9.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.v9.com/?type=hp&ts=1400664578&from=irs&uid=3219913727_132775_4098815B&i=psd&t=342dc7415" ],), Replaced,[d66f5e156219ac8a5a8b74197a8a37c9] Physical Sectors: 0(No malicious items detected) (end) Hopefully you figure it out
  10. bursticool
    I recognise the proxy server i use, its my Uncles router and i have been over to his house many times. I uninstalled avast! because it has been nothing but trouble in the past and my personal opinion is that its not worth it compared to the other free anti-virus
  11. bursticool
    Alright Kevin, this is the FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014Ran by User (administrator) on USER-PC on 31-05-2014 21:03:53Running from F:\Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\SysWOW64\PnkBstrA.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Intel Corporation) C:\Windows\System32\igfxext.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe() C:\Windows\SysWOW64\PnkBstrB.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-21] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-01-21] (Atheros Commnucations)HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2011-01-07] (Acer Incorporated)HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296768 2010-11-12] (NTI Corporation)HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1078352 2011-02-24] (Dritek System Inc.)HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2010-12-10] (CyberLink Corp.)HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-01] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}HKU\S-1-5-21-2127809028-18669728-1403974004-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-30] (Valve Corporation)HKU\S-1-5-21-2127809028-18669728-1403974004-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)HKU\S-1-5-21-2127809028-18669728-1403974004-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)HKU\S-1-5-21-2127809028-18669728-1403974004-1001\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-09] (NVIDIA Corporation)AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [148528 2014-02-09] (NVIDIA Corporation)GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled.ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1400664578&from=irs&uid=3219913727_132775_4098815B&i=psd&t=342dc7415&q={searchTerms}StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No FileBHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No FileBHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No FileToolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @live.heroesandgenerals.com/npretox - C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\User\AppData\Local\Roblox\Versions\version-77cb13cdf4414374\\NPRobloxProxy.dll ( ROBLOX Corporation)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-26] Chrome: =======CHR HomePage: hxxp://www.v9.com/?type=hp&ts=1400664578&from=irs&uid=3219913727_132775_4098815B&i=psd&t=342dc7415CHR StartupUrls: "hxxp://www.v9.com/?type=hp&ts=1400664578&from=irs&uid=3219913727_132775_4098815B&i=psd&t=342dc7415"CHR DefaultSearchKeyword: v9CHR DefaultSearchProvider: v9CHR DefaultSearchURL: http://search.v9.com/web/?type=dspp&ts=1400911864&from=irs&uid=3219913727_132775_4098815B&i=psd&t=343022fb4&q={searchTerms}CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No FileCHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No FileCHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-27]CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-27]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-27]CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-27]CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-20]CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-27]CHR HKLM-x32\...\Chrome\Extension: [bjgglmlkdploojalfbafjcjekegbhnnp] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta383\ch\VideoPlayerV3beta383.crx [2013-05-27]CHR HKLM-x32\...\Chrome\Extension: [cjghblamigilmnljeglhdjiclkdkkioh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha195\ch\MediaViewV1alpha195.crx [2013-05-27]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]CHR HKLM-x32\...\Chrome\Extension: [pmjmkdehijlakmlfpknbaigdpigeblom] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home263\ch\MediaWatchV1home263.crx [2013-05-06] ==================== Services (Whitelisted) ================= S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-24] ()R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-17] ()R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [281032 2014-05-31] ()S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)S2 aswFsBlk; No ImagePathS0 aswRvrt; No ImagePathS1 aswSnx; No ImagePathS1 aswSP; No ImagePathS1 aswTdi; No ImagePathS0 aswVmm; No ImagePathR3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-31] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)R0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [86768 2014-04-24] (Dataram, Inc.)R1 {345422e3-72fa-447a-9550-97803edfacf3}Gw64; C:\Windows\System32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys [61120 2014-04-24] (StdLib)S2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [X]S1 aswRdr; \SystemRoot\System32\Drivers\aswrdr2.sys [X]U3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-31 21:01 - 2014-05-31 21:03 - 00000000 ____D () C:\FRST2014-05-31 17:34 - 2014-05-31 17:34 - 00030430 _____ () C:\ComboFix.txt2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\SOC DOTA\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Public\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Default\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp2014-05-31 16:50 - 2014-05-31 17:34 - 00000000 ____D () C:\ComboFix2014-05-31 14:36 - 2014-05-31 17:34 - 00000000 ____D () C:\Qoobox2014-05-31 14:36 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe2014-05-31 14:36 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe2014-05-31 14:36 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2014-05-31 14:36 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2014-05-31 14:36 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2014-05-31 14:36 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe2014-05-31 14:36 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe2014-05-31 14:36 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe2014-05-31 14:35 - 2014-05-31 14:57 - 00000000 ____D () C:\Windows\erdnt2014-05-31 14:33 - 2014-05-29 19:18 - 05203398 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe2014-05-31 13:43 - 2014-05-31 13:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-31 13:43 - 2014-05-31 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-05-31 10:05 - 2014-05-31 10:05 - 00000000 _____ () C:\Windows\SysWOW64\shoDD55.tmp2014-05-30 19:33 - 2014-05-30 19:33 - 00000222 _____ () C:\Users\User\Desktop\Fistful of Frags.url2014-05-30 16:18 - 2014-05-31 18:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-05-30 16:18 - 2014-05-31 13:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-05-30 16:18 - 2014-05-31 13:38 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-05-30 16:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-05-30 16:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-05-30 16:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-30 16:16 - 2014-05-30 16:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe2014-05-21 19:31 - 2014-05-30 18:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\SupTab2014-05-21 19:30 - 2014-05-30 18:26 - 00000000 ____D () C:\ProgramData\WPM2014-05-21 19:30 - 2014-05-21 19:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\v92014-05-18 12:11 - 2014-05-18 12:12 - 30803176 _____ () C:\Users\User\Downloads\bioshock_anim.swf2014-05-18 12:08 - 2014-05-18 12:08 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList2014-05-18 12:08 - 2014-05-18 12:08 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList2014-05-18 12:06 - 2014-05-18 12:07 - 38388241 _____ () C:\Users\User\Downloads\bioshock_anim1.1.0.swf2014-05-18 12:04 - 2014-05-18 12:05 - 02271768 _____ () C:\Users\User\Downloads\Zone Archive - Update #6.1- Elizabeth (Bioshock Infinite) (1).exe2014-05-18 12:00 - 2014-05-31 10:03 - 00000000 ____D () C:\Program Files (x86)\MSR2014-05-18 11:58 - 2014-05-18 11:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\wi_upd2014-05-18 11:57 - 2014-05-18 11:58 - 02271768 _____ () C:\Users\User\Downloads\Zone Archive - Update #6.1- Elizabeth (Bioshock Infinite).exe2014-05-18 11:42 - 2014-05-18 11:43 - 31129989 ____R () C:\Users\User\Downloads\[ZONE]Biocock Intimate.7z2014-05-18 11:42 - 2014-05-18 11:42 - 00019255 _____ () C:\Users\User\Downloads\[ZONE]Biocock Intimate.torrent2014-05-18 11:28 - 2014-05-31 10:03 - 00000000 ____D () C:\temp2014-05-18 11:27 - 2014-05-26 16:24 - 00000000 ____D () C:\Program Files\0032014-05-17 03:08 - 2014-05-06 14:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-17 03:08 - 2014-05-06 14:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-17 03:08 - 2014-05-06 13:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-17 03:08 - 2014-05-06 13:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-17 03:08 - 2014-05-06 13:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-17 03:08 - 2014-05-06 12:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-15 18:35 - 2014-05-15 18:35 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-05-15 18:08 - 2014-05-09 16:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-05-15 18:08 - 2014-05-09 16:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-05-15 18:08 - 2014-03-25 12:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-05-15 18:08 - 2014-03-25 12:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-05-15 18:07 - 2014-04-12 12:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-05-15 18:07 - 2014-03-04 19:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-05-15 18:07 - 2014-03-04 19:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-05-15 18:07 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll2014-05-15 18:07 - 2014-03-04 19:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-05-15 18:07 - 2014-03-04 19:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-05-15 18:07 - 2014-03-04 19:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2014-05-15 18:07 - 2014-03-04 19:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2014-05-15 18:07 - 2014-03-04 19:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-05-15 18:07 - 2014-03-04 19:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-05-15 18:06 - 2014-04-12 12:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-05-15 18:06 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2014-05-15 18:06 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2014-05-15 18:06 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2014-05-15 18:06 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2014-05-15 18:06 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2014-05-15 18:06 - 2014-04-12 12:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-05-15 18:06 - 2014-04-12 12:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-05-15 18:06 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-05-15 18:06 - 2014-03-04 19:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-05-15 18:06 - 2014-03-04 19:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-05-15 18:06 - 2014-03-04 19:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-05-15 18:06 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll2014-05-15 18:06 - 2014-03-04 19:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll2014-05-15 18:06 - 2014-03-04 19:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-05-15 18:06 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-05-14 22:44 - 2014-05-14 22:45 - 00262144 _____ () C:\Windows\Minidump\051414-29796-01.dmp2014-05-14 22:44 - 2014-05-14 22:44 - 420484430 _____ () C:\Windows\MEMORY.DMP2014-05-04 14:32 - 2014-05-04 14:47 - 00000000 ____D () C:\Textures Backup2014-05-04 14:31 - 2014-05-04 14:48 - 00000000 ____D () C:\Users\User\Documents\compressor2014-05-04 14:24 - 2014-05-04 14:24 - 00421824 _____ () C:\Users\User\Downloads\Optimizer Texures 083-12801-0-8-3.rar2014-05-01 11:44 - 2014-05-17 03:25 - 00000000 ___SD () C:\Windows\system32\CompatTel ==================== One Month Modified Files and Folders ======= 2014-05-31 21:03 - 2014-05-31 21:01 - 00000000 ____D () C:\FRST2014-05-31 21:03 - 2014-01-24 14:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent2014-05-31 21:03 - 2013-05-23 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\Temp2014-05-31 21:02 - 2013-05-27 14:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype2014-05-31 20:51 - 2013-05-24 02:46 - 01466878 _____ () C:\Windows\WindowsUpdate.log2014-05-31 20:48 - 2013-05-30 16:53 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-05-31 20:48 - 2013-05-28 18:32 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-05-31 20:48 - 2013-05-27 15:02 - 00000000 ____D () C:\Program Files (x86)\Steam2014-05-31 20:37 - 2009-07-14 14:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-31 20:37 - 2009-07-14 14:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-31 20:36 - 2013-05-27 17:44 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-05-31 20:35 - 2013-08-13 17:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-31 18:23 - 2014-05-30 16:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-05-31 18:10 - 2009-07-14 14:51 - 00167662 _____ () C:\Windows\setupact.log2014-05-31 17:34 - 2014-05-31 17:34 - 00030430 _____ () C:\ComboFix.txt2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\SOC DOTA\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Public\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Default\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 17:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp2014-05-31 17:34 - 2014-05-31 16:50 - 00000000 ____D () C:\ComboFix2014-05-31 17:34 - 2014-05-31 14:36 - 00000000 ____D () C:\Qoobox2014-05-31 17:31 - 2009-07-14 12:34 - 00000215 _____ () C:\Windows\system.ini2014-05-31 15:00 - 2009-07-14 13:20 - 00000000 __RHD () C:\Users\Default2014-05-31 14:57 - 2014-05-31 14:35 - 00000000 ____D () C:\Windows\erdnt2014-05-31 14:35 - 2009-07-14 15:13 - 00783360 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-31 14:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF2014-05-31 13:58 - 2013-05-28 08:09 - 00000000 ____D () C:\ProgramData\Origin2014-05-31 13:43 - 2014-05-31 13:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-31 13:43 - 2014-05-31 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-05-31 13:43 - 2014-05-30 16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-05-31 13:43 - 2013-05-23 11:07 - 00000000 ____D () C:\ProgramData\clear.fi2014-05-31 13:40 - 2013-05-27 17:44 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-05-31 13:40 - 2013-05-24 03:06 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini2014-05-31 13:40 - 2013-05-24 03:06 - 00000000 ____D () C:\ProgramData\boost_interprocess2014-05-31 13:39 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-31 13:38 - 2014-05-30 16:18 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-05-31 13:38 - 2014-03-31 09:11 - 00000000 ____D () C:\Users\SOC DOTA2014-05-31 13:38 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\registration2014-05-31 12:59 - 2013-08-31 22:44 - 00000000 ____D () C:\ProgramData\AVAST Software2014-05-31 10:28 - 2013-05-24 02:43 - 00476130 _____ () C:\Windows\PFRO.log2014-05-31 10:05 - 2014-05-31 10:05 - 00000000 _____ () C:\Windows\SysWOW64\shoDD55.tmp2014-05-31 10:03 - 2014-05-18 12:00 - 00000000 ____D () C:\Program Files (x86)\MSR2014-05-31 10:03 - 2014-05-18 11:28 - 00000000 ____D () C:\temp2014-05-31 01:03 - 2013-10-11 22:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mumble2014-05-30 22:43 - 2013-05-27 15:08 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps2014-05-30 19:33 - 2014-05-30 19:33 - 00000222 _____ () C:\Users\User\Desktop\Fistful of Frags.url2014-05-30 18:56 - 2013-05-28 08:09 - 00000000 ____D () C:\Program Files (x86)\Origin2014-05-30 18:26 - 2014-05-21 19:30 - 00000000 ____D () C:\ProgramData\WPM2014-05-30 18:26 - 2009-07-14 15:37 - 00000000 ____D () C:\Windows\DigitalLocker2014-05-30 18:22 - 2014-05-21 19:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\SupTab2014-05-30 18:22 - 2014-01-10 19:55 - 00000000 ____D () C:\Program Files (x86)\VideoPlayerV32014-05-30 16:17 - 2014-05-30 16:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe2014-05-30 00:10 - 2013-05-28 18:32 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-05-29 23:51 - 2013-05-27 14:44 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-05-29 23:51 - 2013-05-27 14:43 - 00000000 ____D () C:\ProgramData\Skype2014-05-29 19:18 - 2014-05-31 14:33 - 05203398 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe2014-05-26 23:17 - 2013-08-14 17:31 - 00000000 ____D () C:\Users\User\AppData\Local\Warframe2014-05-26 16:24 - 2014-05-18 11:27 - 00000000 ____D () C:\Program Files\0032014-05-26 16:24 - 2013-12-15 21:58 - 00000000 ____D () C:\Users\User\AppData\Local\genienext2014-05-26 16:24 - 2013-12-15 21:58 - 00000000 ____D () C:\Program Files (x86)\Mobogenie2014-05-23 23:34 - 2013-05-27 18:46 - 00000000 ____D () C:\Users\User\AppData\Local\ArmA 2 OA2014-05-23 16:59 - 2013-05-27 17:45 - 00002385 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-05-21 19:30 - 2014-05-21 19:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\v92014-05-21 19:29 - 2013-05-23 11:03 - 00001627 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-05-18 14:36 - 2011-02-22 23:19 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone2014-05-18 14:35 - 2011-02-22 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone2014-05-18 14:35 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-05-18 12:12 - 2014-05-18 12:11 - 30803176 _____ () C:\Users\User\Downloads\bioshock_anim.swf2014-05-18 12:08 - 2014-05-18 12:08 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList2014-05-18 12:08 - 2014-05-18 12:08 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList2014-05-18 12:07 - 2014-05-18 12:06 - 38388241 _____ () C:\Users\User\Downloads\bioshock_anim1.1.0.swf2014-05-18 12:05 - 2014-05-18 12:04 - 02271768 _____ () C:\Users\User\Downloads\Zone Archive - Update #6.1- Elizabeth (Bioshock Infinite) (1).exe2014-05-18 11:58 - 2014-05-18 11:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\wi_upd2014-05-18 11:58 - 2014-05-18 11:57 - 02271768 _____ () C:\Users\User\Downloads\Zone Archive - Update #6.1- Elizabeth (Bioshock Infinite).exe2014-05-18 11:43 - 2014-05-18 11:42 - 31129989 ____R () C:\Users\User\Downloads\[ZONE]Biocock Intimate.7z2014-05-18 11:42 - 2014-05-18 11:42 - 00019255 _____ () C:\Users\User\Downloads\[ZONE]Biocock Intimate.torrent2014-05-18 11:32 - 2013-05-24 03:11 - 00000000 ____D () C:\ProgramData\Temp2014-05-17 14:29 - 2013-05-28 18:32 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-05-17 03:30 - 2013-05-23 11:03 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-05-17 03:30 - 2013-05-23 11:03 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-05-17 03:25 - 2014-05-01 11:44 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-05-17 03:07 - 2013-08-16 00:03 - 00000000 ____D () C:\Windows\system32\MRT2014-05-17 03:03 - 2013-05-23 15:00 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-05-15 18:35 - 2014-05-15 18:35 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-05-15 18:35 - 2013-08-13 17:27 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-05-15 18:35 - 2013-08-13 17:27 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-05-15 18:35 - 2013-08-13 17:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-05-14 22:45 - 2014-05-14 22:44 - 00262144 _____ () C:\Windows\Minidump\051414-29796-01.dmp2014-05-14 22:44 - 2014-05-14 22:44 - 420484430 _____ () C:\Windows\MEMORY.DMP2014-05-14 22:44 - 2013-11-03 12:16 - 00000000 ____D () C:\Windows\Minidump2014-05-12 07:26 - 2014-05-30 16:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-05-12 07:26 - 2014-05-30 16:18 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-05-12 07:25 - 2014-05-30 16:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-11 13:01 - 2009-07-14 15:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-05-09 16:14 - 2014-05-15 18:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-05-09 16:11 - 2014-05-15 18:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-05-08 21:31 - 2013-05-27 17:44 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-05-08 21:31 - 2013-05-27 17:44 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-05-06 14:40 - 2014-05-17 03:08 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-06 14:17 - 2014-05-17 03:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-06 13:25 - 2014-05-17 03:08 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-06 13:07 - 2014-05-17 03:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-06 13:00 - 2014-05-17 03:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-06 12:10 - 2014-05-17 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-04 14:48 - 2014-05-04 14:31 - 00000000 ____D () C:\Users\User\Documents\compressor2014-05-04 14:47 - 2014-05-04 14:32 - 00000000 ____D () C:\Textures Backup2014-05-04 14:41 - 2014-04-24 23:22 - 3145824048 ____C () C:\RAMDisk.img2014-05-04 14:24 - 2014-05-04 14:24 - 00421824 _____ () C:\Users\User\Downloads\Optimizer Texures 083-12801-0-8-3.rar2014-05-03 15:00 - 2014-02-22 09:16 - 00000000 ____D () C:\Users\User\AppData\Local\DayZ2014-05-03 12:03 - 2014-04-30 15:38 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-05-03 03:03 - 2014-04-24 23:22 - 3145824048 ____C () C:\RAMDisk.img.bak2014-05-02 01:02 - 2013-05-24 03:08 - 00556997 _____ () C:\Windows\DirectX.log ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-31 20:28 ==================== End Of Log ============================ This is the Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014Ran by User at 2014-05-31 21:01:51Running from F:\Boot Mode: Normal========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.69 - NTI Corporation)Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1306 - CyberLink Corp.)Acer Crystal Eye Webcam (x32 Version: 1.0.1306 - CyberLink Corp.) HiddenAcer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3002 - Acer Incorporated)Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1130.2010 - Acer Incorporated)Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) HiddenAdobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - )Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1489.0 - AVAST Software)Backup Manager V3 (x32 Version: 3.0.0.69 - NTI Corporation) HiddenBattlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)Battleground Europe (HKLM-x32\...\Battleground Europe) (Version: - Playnet Inc.)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.56 - Atheros Communications)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version: - )clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1229.00 - CyberLink Corp.)clear.fi (x32 Version: 1.0.1229.00 - CyberLink Corp.) Hiddenclear.fi (x32 Version: 9.0.7209 - CyberLink Corp.) Hiddenclear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)DayZ Commander (HKLM-x32\...\{5B75991B-CCBA-4908-ACFF-3FF60A624D5E}) (Version: 0.92.83 - Dotjosh Studios)DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTIONDota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) HiddenETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team)Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve)Frhed 1.6.0 (HKLM-x32\...\Frhed) (Version: 1.6.0 - Raihan Kibria)Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) HiddenGrand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) HiddenJunk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenJust Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.3 - Acer Inc.)Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Media Watch (HKLM-x32\...\MediaWatchV1home263) (Version: 1.1 - Media Watch) <==== ATTENTIONMediaEspresso (x32 Version: 1.0.1210_33255 - CyberLink Corp.) HiddenMerriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) HiddenMyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) HiddenMyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) HiddenNexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) HiddenNVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) HiddenNVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) HiddenNVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Optimus Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) HiddenNVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) HiddenNVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) HiddenNVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) HiddenNVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)OpenAL (HKLM-x32\...\OpenAL) (Version: - )Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)PFPortChecker 1.0.39 (HKLM-x32\...\PFPortChecker) (Version: 1.0.39 - Portforward.com)PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)RAMDisk (HKLM-x32\...\{BA624CEA-0B42-4CFA-BFC2-09BEB5A55A46}) (Version: 4.4.0.31 - Dataram, Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6276 - Realtek Semiconductor Corp.)Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) HiddenRising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)ROBLOX Player for User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) HiddenShredder (Version: 2.0.8.7 - Egis Technology Inc.) HiddenShredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) HiddenSkype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - Square Enix)Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Steam App 227100) (Version: - Rebellion)Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSystem Update kb70007 (x32 Version: 1.0.0 - MSR) HiddenTactical Intervention (HKLM-x32\...\Steam App 51100) (Version: - FIX Korea)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios)Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)v9 uninstaller (HKLM-x32\...\v9 uninstaller) (Version: - v9)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVideo Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTIONWar Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)War Thunder Launcher 1.0.1.199 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation)Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3007 - Acer Incorporated)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 12:34 - 2014-05-31 14:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {40296B7F-3651-4D7B-9215-6258E924EDB2} - \avast! Emergency Update No Task File <==== ATTENTIONTask: {468FAEF2-6683-4761-8993-286AEF6FB6AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {60999981-3F77-4C3D-BBA2-B6B6CFA48DED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27] (Google Inc.)Task: {AC049156-009A-4558-9C40-B0AB7867231C} - System32\Tasks\{FD40588C-A2B4-492A-BD09-F39DE2823EE8} => Iexplore.exe http://ui.skype.com/ui/0/4.1.0.179.367/en/abandoninstall?source=lightinstaller&page=tsProblems&LastError=12007&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincludedTask: {B28367E1-AC18-48B7-BDF7-DF3EB1FD2104} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-12-30] (CyberLink)Task: {C3AD03E9-DAA0-44FC-BA59-94E13D7971F8} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-12-30] (Acer Incorporated)Task: {CC281060-F615-4AF4-891C-7DFE6032AF6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)Task: {DB18E583-2A7F-4E51-B001-B0B816C42B04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27] (Google Inc.)Task: {E64047C9-5D58-4090-BE73-E7920372C7C2} - System32\Tasks\{E76C5C1C-8000-498B-9916-482C2FBFA1B9} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=404Task: {F09CC197-7E92-4F94-9069-15497A10DA2E} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-12-30] (CyberLink Corp.)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-20 15:30 - 2014-02-09 04:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll2014-02-20 16:02 - 2014-02-09 03:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2013-05-28 18:32 - 2014-05-17 14:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2011-03-03 21:52 - 2011-01-28 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2013-02-13 12:37 - 2013-02-13 12:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe2013-05-28 18:32 - 2014-05-31 20:48 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-02-20 15:30 - 2014-02-09 04:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll2010-11-12 11:22 - 2010-11-12 11:22 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll2010-11-12 11:22 - 2010-11-12 11:22 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll2010-11-12 11:22 - 2010-11-12 11:22 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll2010-12-30 07:56 - 2010-12-30 07:56 - 00210312 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll2014-05-18 12:05 - 2014-04-30 10:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll2014-04-23 07:47 - 2014-04-30 10:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll2014-05-18 12:05 - 2014-04-30 10:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll2014-01-10 11:39 - 2014-04-30 10:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll2013-04-23 18:30 - 2014-05-17 11:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll2014-05-18 12:06 - 2014-05-30 03:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll2014-05-18 12:05 - 2014-04-29 10:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll2013-05-03 15:35 - 2014-05-30 03:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2013-03-26 16:16 - 2014-05-02 09:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2012-12-11 09:51 - 2013-06-15 09:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll2012-12-11 09:51 - 2013-06-15 09:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll2012-12-11 09:51 - 2013-06-15 09:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll2013-05-03 15:35 - 2014-05-30 03:36 - 00131264 _____ () C:\Program Files (x86)\Steam\bin\audio.dll2012-09-07 15:37 - 2013-06-15 09:49 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi2013-07-11 11:30 - 2013-06-15 09:49 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi2013-02-13 12:38 - 2013-02-13 12:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-02-14 17:25 - 2014-02-14 17:25 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll2011-02-22 23:10 - 2010-09-14 12:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: aswRdrDescription: aswRdrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswRdrProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: aswSPDescription: aswSPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswSPProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: avast! Network Shield SupportDescription: avast! Network Shield SupportClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswTdiProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors:==================Error: (05/31/2014 01:35:29 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 01:14:33 PM) (Source: System Restore) (EventID: 8210) (User: )Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070003. Error: (05/31/2014 01:08:57 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 11:02:16 AM) (Source: System Restore) (EventID: 8210) (User: )Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070003. Error: (05/31/2014 10:28:26 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 10:04:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 16458 Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 16458 Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/31/2014 04:21:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 15382 System errors:=============Error: (05/31/2014 08:59:56 PM) (Source: bowser) (EventID: 8003) (User: )Description: The master browser has received a server announcement from the computer MAC0014512431DCthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{270D5AA2-8710-4326-81D3-DDF8C131237E}.The master browser is stopping or an election is being forced. Error: (05/31/2014 07:41:04 PM) (Source: bowser) (EventID: 8003) (User: )Description: The master browser has received a server announcement from the computer MAC0014512431DCthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{270D5AA2-8710-4326-81D3-DDF8C131237E}.The master browser is stopping or an election is being forced. Error: (05/31/2014 05:31:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/31/2014 05:21:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/31/2014 04:55:27 PM) (Source: volsnap) (EventID: 14) (User: )Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error: (05/31/2014 04:50:51 PM) (Source: volsnap) (EventID: 14) (User: )Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error: (05/31/2014 03:23:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/31/2014 03:18:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/31/2014 02:55:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/31/2014 02:53:40 PM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Microsoft Office Sessions:=========================Error: (05/31/2014 01:35:29 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 01:14:33 PM) (Source: System Restore) (EventID: 8210) (User: )Description: Windows Update0x80070003 Error: (05/31/2014 01:08:57 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 11:02:16 AM) (Source: System Restore) (EventID: 8210) (User: )Description: Windows Update0x80070003 Error: (05/31/2014 10:28:26 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 10:04:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 16458 Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 16458 Error: (05/31/2014 04:21:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/31/2014 04:21:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 15382 CodeIntegrity Errors:=================================== Date: 2014-05-31 14:53:40.069 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-05-31 14:53:39.979 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 71%Total physical RAM: 8043.86 MBAvailable physical RAM: 2279.09 MBTotal Pagefile: 16085.9 MBAvailable Pagefile: 9743.55 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:188.02 GB) NTFSDrive e: (CMW) (Fixed) (Total:3.99 GB) (Free:3.99 GB) FAT32Drive f: () (Removable) (Total:15.1 GB) (Free:13.64 GB) FAT32 ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 4 GB) (Disk ID: D969BE86)Partition 1: (Active) - (Size=4 GB) - (Type=0B) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 7E67CD20)Partition 1: (Not Active) - (Size=15 GB) - (Type=27)Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS) ========================================================Disk: 2 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)Partition 1: (Active) - (Size=15 GB) - (Type=0C) ==================== End Of Log ============================ This is the FSS.txt Farbar Service Scanner Version: 21-05-2014Ran by User (administrator) on 31-05-2014 at 21:12:13Running from "F:\"Microsoft Windows 7 Home Premium Service Pack 1 (X64)Boot Mode: Normal**************************************************************** Internet Services:============ Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo.com is accessible.IE proxy is enabled.ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118 Windows Firewall:============= Firewall Disabled Policy: ==================[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall"=DWORD:0 System Restore:============ System Restore Disabled Policy: ======================== Action Center:============ Windows Update:============ Windows Autoupdate Disabled Policy: ============================ Windows Defender:============== Other Services:============== File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys => MD5 is legitC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys => MD5 is legitC:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll => MD5 is legitC:\Windows\System32\bfe.dll => MD5 is legitC:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll => MD5 is legitC:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll => MD5 is legitC:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll => MD5 is legitC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** Hopefully you can find the source
  12. bursticool
    Hi, My name is Christopher and I am requesting help for a recent problem issue that has happened on my computer. Yesterday night, I ran a scan to clear malware off my computer as it was infested with ads, after the scan it kept popping up Malcious website blocks, which I ignored. Today as I tried to access the internet, I was unable to connect to google due to the error "Unable to connect to Proxy Server". I'm confused because I am able to talk to friends through steam chat (A platform of PC games) but unable to download updates and play online, same goes for Chrome and Internet Explorer. I have tried: Restarting my computer System Restore (Restored to yesterday) Disconnecting to the router/Reconnecting Uninstalling Malware Bytes and current anti-virus Avast! Disabling Firewalls and Avast! Shields and itself Connecting to the Router Through LAN If someone could detect and help me fix this problem, it would mean the world to me
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.