
DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.25.2

Run by BobsonGaming at 12:15:52 on 2014-02-02

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16328.13076 [GMT -6:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe

C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

E:\games\Steam\Steam.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskeng.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe

C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


mWinlogon: Userinit = userinit.exe,

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [steam] "E:\games\Steam\Steam.exe" -silent

uRun: [AIM for Windows] "C:\Users\BobsonGaming\AppData\Local\AOL\AIM\aim.exe"

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe /S

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" /r

mRun: [updReg] C:\Windows\UpdReg.EXE

mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\BOBSON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

TCP: NameServer = 192.168.254.254

TCP: Interfaces\{A487912C-536B-49D4-9E62-B7417CFBD377} : DHCPNameServer = 192.168.254.254

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64

x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-6-14 19264]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-6-1 920736]

R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-6-1 951936]

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-6-14 149120]

R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [2013-6-14 324608]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-14 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-14 166720]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-14 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-14 701512]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]

R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-17 1494304]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-30 15129376]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-14 365376]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-6-14 160768]

R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2012-5-17 26136]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-6-14 357184]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-6-14 789824]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-14 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-17 39200]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-6-25 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-6-25 79360]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-14 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-14 30208]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-14 1255736]

.

=============== Created Last 30 ================

.

2014-02-02 17:57:45 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B921E3C6-B35B-4F8F-BEC3-CD978B206E67}\offreg.dll

2014-02-02 17:45:57 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B921E3C6-B35B-4F8F-BEC3-CD978B206E67}\mpengine.dll

2014-02-01 16:32:28 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-01-24 18:10:50 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D7C5395-A8E5-4E76-B04C-5A0BA16CC4CF}\gapaengine.dll

2014-01-23 18:51:34 -------- d-----w- C:\Program Files\iPod

2014-01-23 18:51:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-23 18:51:33 -------- d-----w- C:\Program Files\iTunes

2014-01-23 18:51:33 -------- d-----w- C:\Program Files (x86)\iTunes

2014-01-18 04:28:25 -------- d-----w- C:\Users\BobsonGaming\AppData\Local\Blizzard

2014-01-18 03:47:40 -------- d-----w- C:\Program Files (x86)\Hearthstone

2014-01-18 03:44:23 -------- d-----w- C:\Users\BobsonGaming\AppData\Local\Blizzard Entertainment

2014-01-18 03:44:22 -------- d-----w- C:\Users\BobsonGaming\AppData\Roaming\Battle.net

2014-01-18 03:44:22 -------- d-----w- C:\Users\BobsonGaming\AppData\Local\Battle.net

2014-01-18 03:44:18 -------- d-----w- C:\Program Files (x86)\Battle.net

2014-01-14 19:01:50 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-14 19:01:50 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-01-14 19:01:50 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-14 19:01:50 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-14 19:01:50 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-14 19:01:50 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-14 19:01:50 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-14 19:01:47 3156480 ----a-w- C:\Windows\System32\win32k.sys

2014-01-14 19:01:45 376768 ----a-w- C:\Windows\System32\drivers\netio.sys

.

==================== Find3M  ====================

.

2014-01-19 17:57:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-19 17:57:14 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe

2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll

2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll

2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll

2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-14 05:42:33 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll

2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-11-11 15:01:58 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin

2013-11-11 14:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

.

============= FINISH: 12:15:59.10 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 6/14/2013 3:38:46 PM

System Uptime: 2/2/2014 11:34:58 AM (1 hours ago)

.

Motherboard: ASUSTeK COMPUTER INC. |  | MAXIMUS V GENE

Processor: Intel® Core i5-3570K CPU @ 3.40GHz | LGA1155 | 3401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 238 GiB total, 171.252 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 932 GiB total, 863.561 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 12 Plugin

Adobe Reader X (10.1.9) MUI

AI Suite II

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Asmedia ASM104x USB 3.0 Host Controller Driver

Asmedia ASM106x SATA Host Controller Driver

ASUS WebStorage Sync Agent

Battle.net

Bonjour

Canon MG2100 series MP Drivers

CCleaner

Empire: Total War

GeForce Experience NvStream Client Components

Google Chrome

Google Update Helper

Hearthstone

Intel® Management Engine Components

Intel® Network Connections 17.3.63.0

Intel® Rapid Storage Technology

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

Intel® Watchdog Timer Driver (Intel® WDT)

iTunes

Java 7 Update 25

Java Auto Updater

League of Legends

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4.5.1

Microsoft Security Client

Microsoft Security Essentials

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

mIRC

Mozilla Firefox 26.0 (x86 en-US)

Mozilla Maintenance Service

NVIDIA 3D Vision Controller Driver 331.82

NVIDIA 3D Vision Driver 331.82

NVIDIA Control Panel 331.82

NVIDIA GeForce Experience 1.8.1

NVIDIA Graphics Driver 331.82

NVIDIA HD Audio Driver 1.3.26.4

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA Network Service

NVIDIA PhysX

NVIDIA PhysX System Software 9.13.0725

NVIDIA ShadowPlay 10.11.15

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 10.11.15

NVIDIA Update Core

NVIDIA Virtual Audio 1.2.19

OpenOffice.org 3.4.1

Pidgin

QuickTime

Realtek High Definition Audio Driver

SHIELD Streaming

Sid Meier's Civilization V

Skype™ 6.11

Sound Blaster X-Fi MB 2

StarCraft II

Steam

Total War: ROME II

Total War: SHOGUN 2

VLC media player 2.0.7

WinRAR 4.20 (64-bit)

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

1/30/2014 10:24:14 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

1/28/2014 12:28:39 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

1/28/2014 12:28:39 PM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

 


  • Root Admin

Hello and welcome

Please read the following and post back the requested logs.

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 


I did steps 0-2 and then I realized that I still had MSE active, so I shut it down and redid everything. Also, your link to Rogue KillerX gave me a 404 error. I went to the website and manually DL'd roguexkiller but when I ran it, it said it was out of date, and did I want to DL the new version. I clicked yes, and it brought me back to the page I just was at, http://www.adlice.com/softwares/roguekiller/ and I DL'd the same program twice, essentially. The second time I ran it, I clicked "no, I didn't want the new version" and it gave me the EULA prompt and I did the scan. Next post has the report.


RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : BobsonGaming [Admin rights]

Mode : Scan -- Date : 02/04/2014 15:00:20

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 4 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : AIM for Windows ("C:\Users\BobsonGaming\AppData\Local\AOL\AIM\aim.exe" [x]) -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-4189940685-1973123187-4231036715-1000\[...]\Run : AIM for Windows ("C:\Users\BobsonGaming\AppData\Local\AOL\AIM\aim.exe" [x]) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Samsung SSD 840 PRO Seri +++++

--- User ---

[MBR] 8f4941d5ae1e55bfa40adc601ec83096

[bSP] 1b5e7a5056a7e1e932f7e24fb136213a : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 244096 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EZEX-00RKKA0 +++++

--- User ---

[MBR] 9f05e0d9f0ff279946314fae91677626

[bSP] 7561cfd962cdb7882b29f407bf951a26 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_02042014_150020.txt >>

RKreport[0]_S_02042014_145029.txt

 

 

 


  • Root Admin

Thanks for the info on the moved link. Seems the x86 is still valid but he moved the x64 link for some reason so I'll update my message.

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03

Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt

STEP 04

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message.
  • When completed, make sure to re-enable your antivirus.

STEP 05

Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

STEP 06

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

STEP 07

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Step three, no malware found. 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.02.04.12
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
BobsonGaming :: BOBSONGAMING-PC [administrator]
 
2/4/2014 5:06:23 PM
mbar-log-2014-02-04 (17-06-23).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 232769
Time elapsed: 3 minute(s), 14 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16476
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.410000 GHz
Memory total: 17121288192, free: 13721812992
 
Downloaded database version: v2014.02.04.12
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
     02/04/2014 17:06:21
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\asahci64.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\SysWow64\drivers\AiChargerPlus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\ICCWDT.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\SysWow64\drivers\ASUSFILTER.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\e1c62x64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\advapi32.dll
\Windows\System32\nsi.dll
\Windows\System32\psapi.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\difxapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msctf.dll
\Windows\System32\ws2_32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imagehlp.dll
\Windows\System32\wininet.dll
\Windows\System32\user32.dll
\Windows\System32\ole32.dll
\Windows\System32\usp10.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shlwapi.dll
\Windows\System32\lpk.dll
\Windows\System32\kernel32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\urlmon.dll
\Windows\System32\sechost.dll
\Windows\System32\iertutil.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800cfc5060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa800c9de050
Lower Device Driver Name: \Driver\iaStor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800cfc4060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800c9da050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800cfc4060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cfc4b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cfc4060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800c9d7420, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800c9da050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5AD6B294
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 499908608
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 256060514304 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-500098192-500118192)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800cfc5060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cfc5b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cfc5060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800c9dba00, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800c9de050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 626E931E
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
 

step 4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by BobsonGaming on Tue 02/04/2014 at 17:12:30.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\BobsonGaming\AppData\Roaming\mozilla\firefox\profiles\2kf8tlwj.default\user.js
Emptied folder: C:\Users\BobsonGaming\AppData\Roaming\mozilla\firefox\profiles\2kf8tlwj.default\minidumps [16 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/04/2014 at 17:15:35.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Step 5 log. Opted to clean it all.

 

# AdwCleaner v3.018 - Report created 04/02/2014 at 17:25:36
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : BobsonGaming - BOBSONGAMING-PC
# Running from : C:\Users\BobsonGaming\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\BOBSON~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\BOBSON~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\BOBSON~1\AppData\Local\Temp\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [988 octets] - [04/02/2014 17:25:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1047 octets] ##########

step 5B, post reboot

 

 

# AdwCleaner v3.018 - Report created 04/02/2014 at 17:28:00
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : BobsonGaming - BOBSONGAMING-PC
# Running from : C:\Users\BobsonGaming\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\BOBSON~1\AppData\Local\Temp\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1127 octets] - [04/02/2014 17:25:36]
AdwCleaner[s0].txt - [921 octets] - [04/02/2014 17:28:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [980 octets] ##########

Step 5 C, Malwarebytes quick scan report

 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.04.12
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
BobsonGaming :: BOBSONGAMING-PC [administrator]
 
Protection: Enabled
 
2/4/2014 5:31:52 PM
mbam-log-2014-02-04 (17-31-52).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Startup | P2P
Objects scanned: 213099
Time elapsed: 1 minute(s), 34 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)

Step 7A Frst 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by BobsonGaming (administrator) on BOBSONGAMING-PC on 04-02-2014 18:00:16
Running from C:\Users\BobsonGaming\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe [3353472 2012-09-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-4189940685-1973123187-4231036715-1000\...\Run: [steam] - E:\games\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-4189940685-1973123187-4231036715-1000\...\Run: [AIM for Windows] - "C:\Users\BobsonGaming\AppData\Local\AOL\AIM\aim.exe"
HKU\S-1-5-21-4189940685-1973123187-4231036715-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-4189940685-1973123187-4231036715-1000\...\MountPoints2: {549dfdc8-0772-11de-923e-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-4189940685-1973123187-4231036715-1000\...\MountPoints2: {dd42cc20-fc58-11e2-a2b6-08606ef0283a} - F:\Setup.exe
Startup: C:\Users\BobsonGaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x26073AA0D768CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
 
FireFox:
========
FF ProfilePath: C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\donottrackplus@abine.com [2014-01-03]
FF Extension: EPUBReader - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-06-14]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-06-14]
FF Extension: Adblock Plus - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-14]
FF Extension: Greasemonkey - C:\Users\BobsonGaming\AppData\Roaming\Mozilla\Firefox\Profiles\2kf8tlwj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-06-14]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Extension: (Bejeweled) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-06-14]
CHR Extension: (Angry Birds) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-06-14]
CHR Extension: (Google Docs) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-14]
CHR Extension: (Google Drive) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-14]
CHR Extension: (YouTube) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-14]
CHR Extension: (Remember The Milk) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2013-06-14]
CHR Extension: (AdBlock+) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2013-06-14]
CHR Extension: (Google Search) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-14]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-06-14]
CHR Extension: (Causality Games) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2013-06-14]
CHR Extension: (AdBlock) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-14]
CHR Extension: (NPR Infinite Player) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2013-06-14]
CHR Extension: (wikiHow Survival Kit) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickaeddjnhfofihhibhnjemlphjmnchl [2013-06-14]
CHR Extension: (Lose It!) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn [2013-06-14]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2013-06-14]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2013-06-14]
CHR Extension: (Quick Note) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-06-14]
CHR Extension: (Google Play Books) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-06-14]
CHR Extension: (Google Wallet) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Sinuous) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\omlmnomieeknagejjojcpdomnbnbchdl [2013-06-14]
CHR Extension: (Gmail) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-14]
CHR Extension: (Canvas Rider) - C:\Users\BobsonGaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-06-14]
 
==================== Services (Whitelisted) =================
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2012-05-18] (ASUSTeK Computer Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-13] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-04 18:00 - 2014-02-04 18:00 - 00020319 _____ () C:\Users\BobsonGaming\Desktop\FRST.txt
2014-02-04 18:00 - 2014-02-04 18:00 - 00000000 ____D () C:\FRST
2014-02-04 17:59 - 2014-02-04 17:59 - 02080256 _____ (Farbar) C:\Users\BobsonGaming\Desktop\FRST64.exe
2014-02-04 17:58 - 2014-02-04 17:58 - 00000200 _____ () C:\Users\BobsonGaming\Desktop\eset.txt
2014-02-04 17:37 - 2014-02-04 17:37 - 02347384 _____ (ESET) C:\Users\BobsonGaming\Downloads\esetsmartinstaller_enu.exe
2014-02-04 17:37 - 2014-02-04 17:37 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-04 17:25 - 2014-02-04 17:28 - 00000000 ____D () C:\AdwCleaner
2014-02-04 17:24 - 2014-02-04 17:24 - 01166132 _____ () C:\Users\BobsonGaming\Desktop\AdwCleaner.exe
2014-02-04 17:15 - 2014-02-04 17:15 - 00000967 _____ () C:\Users\BobsonGaming\Desktop\JRT.txt
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-02-04 17:11 - 2014-02-04 17:11 - 01037530 _____ (Thisisu) C:\Users\BobsonGaming\Desktop\JRT.exe
2014-02-04 17:06 - 2014-02-04 17:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-04 17:05 - 2014-02-04 17:09 - 00000000 ____D () C:\Users\BobsonGaming\Desktop\mbar
2014-02-04 17:05 - 2014-02-04 17:05 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-04 17:04 - 2014-02-04 17:05 - 12589848 _____ (Malwarebytes Corp.) C:\Users\BobsonGaming\Downloads\mbar-1.07.0.1009.exe
2014-02-04 15:00 - 2014-02-04 15:00 - 00002204 _____ () C:\Users\BobsonGaming\Desktop\RKreport[0]_S_02042014_150020.txt
2014-02-04 14:50 - 2014-02-04 14:50 - 00002171 _____ () C:\Users\BobsonGaming\Desktop\RKreport[0]_S_02042014_145029.txt
2014-02-04 14:47 - 2014-02-04 14:47 - 04380160 _____ () C:\Users\BobsonGaming\Desktop\RogueKillerX64 (2).exe
2014-02-04 14:46 - 2014-02-04 14:57 - 00000000 ____D () C:\Users\BobsonGaming\Desktop\RK_Quarantine
2014-02-04 14:44 - 2014-02-04 14:44 - 04380160 _____ () C:\Users\BobsonGaming\Desktop\RogueKillerX64.exe
2014-02-04 14:41 - 2014-02-04 14:57 - 00000000 ____D () C:\Windows\ERDNT
2014-02-04 14:40 - 2014-02-04 14:41 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-04 14:40 - 2014-02-04 14:40 - 00000931 _____ () C:\Users\BobsonGaming\Desktop\NTREGOPT.lnk
2014-02-04 14:40 - 2014-02-04 14:40 - 00000912 _____ () C:\Users\BobsonGaming\Desktop\ERUNT.lnk
2014-02-04 14:38 - 2014-02-04 14:38 - 00791393 _____ (Lars Hederer ) C:\Users\BobsonGaming\Downloads\erunt-setup.exe
2014-02-04 14:34 - 2014-02-04 14:56 - 00002038 _____ () C:\Users\BobsonGaming\Desktop\rkill.txt
2014-02-04 14:34 - 2014-02-04 14:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\BobsonGaming\Desktop\rkill.exe
2014-02-02 12:16 - 2014-02-02 12:16 - 00003620 _____ () C:\Users\BobsonGaming\Desktop\attach.txt
2014-02-02 12:16 - 2014-02-02 12:15 - 00019656 _____ () C:\Users\BobsonGaming\Desktop\dds.txt
2014-02-02 12:14 - 2014-02-02 12:14 - 00688992 ____R (Swearware) C:\Users\BobsonGaming\Downloads\dds.com
2014-01-23 12:51 - 2014-01-23 12:51 - 00001786 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files\iTunes
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files\iPod
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-17 22:28 - 2014-01-17 22:28 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Blizzard
2014-01-17 21:47 - 2014-01-18 00:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-01-17 21:47 - 2014-01-17 21:47 - 00001190 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-01-17 21:44 - 2014-02-04 14:39 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Battle.net
2014-01-17 21:44 - 2014-01-17 21:47 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Roaming\Battle.net
2014-01-17 21:44 - 2014-01-17 21:44 - 00001153 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-01-17 21:44 - 2014-01-17 21:44 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Blizzard Entertainment
2014-01-17 21:44 - 2014-01-17 21:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-17 21:39 - 2014-01-17 21:39 - 05971136 _____ (Blizzard Entertainment) C:\Users\BobsonGaming\Downloads\Hearthstone-Beta-Setup-enUS.exe
2014-01-17 17:05 - 2014-01-17 17:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-01-16 11:36 - 2014-01-16 11:36 - 00002022 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-14 13:01 - 2013-11-26 19:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 13:01 - 2013-11-26 19:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 13:01 - 2013-11-26 05:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 13:01 - 2013-11-26 04:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 15:03 - 2014-01-07 15:08 - 211183464 _____ (NVIDIA Corporation) C:\Users\BobsonGaming\Downloads\331.82-desktop-win8-win7-winvista-64bit-english-whql.exe
 
==================== One Month Modified Files and Folders =======
 
2014-02-04 18:00 - 2014-02-04 18:00 - 00020319 _____ () C:\Users\BobsonGaming\Desktop\FRST.txt
2014-02-04 18:00 - 2014-02-04 18:00 - 00000000 ____D () C:\FRST
2014-02-04 17:59 - 2014-02-04 17:59 - 02080256 _____ (Farbar) C:\Users\BobsonGaming\Desktop\FRST64.exe
2014-02-04 17:58 - 2014-02-04 17:58 - 00000200 _____ () C:\Users\BobsonGaming\Desktop\eset.txt
2014-02-04 17:48 - 2013-06-14 02:22 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 17:46 - 2013-06-25 17:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 17:46 - 2013-06-25 17:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 17:46 - 2013-06-14 23:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 17:46 - 2013-06-14 23:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 17:37 - 2014-02-04 17:37 - 02347384 _____ (ESET) C:\Users\BobsonGaming\Downloads\esetsmartinstaller_enu.exe
2014-02-04 17:37 - 2014-02-04 17:37 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-04 17:36 - 2009-07-13 22:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 17:36 - 2009-07-13 22:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 17:34 - 2009-07-13 23:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-04 17:31 - 2009-03-02 15:48 - 01312505 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 17:29 - 2013-10-29 19:50 - 00020375 _____ () C:\Windows\setupact.log
2014-02-04 17:29 - 2013-06-14 02:22 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 17:28 - 2014-02-04 17:25 - 00000000 ____D () C:\AdwCleaner
2014-02-04 17:28 - 2013-06-14 21:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-04 17:28 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 17:24 - 2014-02-04 17:24 - 01166132 _____ () C:\Users\BobsonGaming\Desktop\AdwCleaner.exe
2014-02-04 17:15 - 2014-02-04 17:15 - 00000967 _____ () C:\Users\BobsonGaming\Desktop\JRT.txt
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-02-04 17:11 - 2014-02-04 17:11 - 01037530 _____ (Thisisu) C:\Users\BobsonGaming\Desktop\JRT.exe
2014-02-04 17:09 - 2014-02-04 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-04 17:09 - 2014-02-04 17:05 - 00000000 ____D () C:\Users\BobsonGaming\Desktop\mbar
2014-02-04 17:05 - 2014-02-04 17:05 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-04 17:05 - 2014-02-04 17:04 - 12589848 _____ (Malwarebytes Corp.) C:\Users\BobsonGaming\Downloads\mbar-1.07.0.1009.exe
2014-02-04 17:04 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-04 15:00 - 2014-02-04 15:00 - 00002204 _____ () C:\Users\BobsonGaming\Desktop\RKreport[0]_S_02042014_150020.txt
2014-02-04 14:57 - 2014-02-04 14:46 - 00000000 ____D () C:\Users\BobsonGaming\Desktop\RK_Quarantine
2014-02-04 14:57 - 2014-02-04 14:41 - 00000000 ____D () C:\Windows\ERDNT
2014-02-04 14:56 - 2014-02-04 14:34 - 00002038 _____ () C:\Users\BobsonGaming\Desktop\rkill.txt
2014-02-04 14:56 - 2013-06-14 14:40 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\VirtualStore
2014-02-04 14:50 - 2014-02-04 14:50 - 00002171 _____ () C:\Users\BobsonGaming\Desktop\RKreport[0]_S_02042014_145029.txt
2014-02-04 14:47 - 2014-02-04 14:47 - 04380160 _____ () C:\Users\BobsonGaming\Desktop\RogueKillerX64 (2).exe
2014-02-04 14:44 - 2014-02-04 14:44 - 04380160 _____ () C:\Users\BobsonGaming\Desktop\RogueKillerX64.exe
2014-02-04 14:41 - 2014-02-04 14:40 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-04 14:40 - 2014-02-04 14:40 - 00000931 _____ () C:\Users\BobsonGaming\Desktop\NTREGOPT.lnk
2014-02-04 14:40 - 2014-02-04 14:40 - 00000912 _____ () C:\Users\BobsonGaming\Desktop\ERUNT.lnk
2014-02-04 14:39 - 2014-01-17 21:44 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Battle.net
2014-02-04 14:38 - 2014-02-04 14:38 - 00791393 _____ (Lars Hederer ) C:\Users\BobsonGaming\Downloads\erunt-setup.exe
2014-02-04 14:34 - 2014-02-04 14:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\BobsonGaming\Desktop\rkill.exe
2014-02-04 01:30 - 2013-08-31 14:49 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Roaming\Skype
2014-02-04 01:27 - 2013-06-14 21:28 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Roaming\.purple
2014-02-03 20:49 - 2013-06-14 02:23 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-02 12:16 - 2014-02-02 12:16 - 00003620 _____ () C:\Users\BobsonGaming\Desktop\attach.txt
2014-02-02 12:15 - 2014-02-02 12:16 - 00019656 _____ () C:\Users\BobsonGaming\Desktop\dds.txt
2014-02-02 12:14 - 2014-02-02 12:14 - 00688992 ____R (Swearware) C:\Users\BobsonGaming\Downloads\dds.com
2014-01-25 12:32 - 2009-07-13 23:08 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-23 12:51 - 2014-01-23 12:51 - 00001786 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files\iTunes
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files\iPod
2014-01-23 12:51 - 2014-01-23 12:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-23 12:50 - 2013-06-14 19:51 - 00000000 ____D () C:\ProgramData\Apple
2014-01-21 19:57 - 2013-07-29 19:08 - 00000000 ____D () C:\Users\BobsonGaming\Documents\StarCraft II
2014-01-21 18:31 - 2013-07-29 19:08 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-01-19 11:56 - 2013-06-25 16:09 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Adobe
2014-01-19 01:33 - 2010-11-20 21:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 00:38 - 2014-01-17 21:47 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-01-17 22:28 - 2014-01-17 22:28 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Blizzard
2014-01-17 21:47 - 2014-01-17 21:47 - 00001190 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-01-17 21:47 - 2014-01-17 21:44 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Roaming\Battle.net
2014-01-17 21:44 - 2014-01-17 21:44 - 00001153 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-01-17 21:44 - 2014-01-17 21:44 - 00000000 ____D () C:\Users\BobsonGaming\AppData\Local\Blizzard Entertainment
2014-01-17 21:44 - 2014-01-17 21:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-17 21:39 - 2014-01-17 21:39 - 05971136 _____ (Blizzard Entertainment) C:\Users\BobsonGaming\Downloads\Hearthstone-Beta-Setup-enUS.exe
2014-01-17 17:05 - 2014-01-17 17:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-01-16 11:36 - 2014-01-16 11:36 - 00002022 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-14 14:08 - 2009-07-13 22:45 - 00304576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-14 14:07 - 2013-08-14 01:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-14 14:06 - 2013-06-14 16:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-07 15:11 - 2013-06-14 16:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 15:08 - 2014-01-07 15:03 - 211183464 _____ (NVIDIA Corporation) C:\Users\BobsonGaming\Downloads\331.82-desktop-win8-win7-winvista-64bit-english-whql.exe
 
Some content of TEMP:
====================
C:\Users\BobsonGaming\AppData\Local\Temp\mirc732.exe
C:\Users\BobsonGaming\AppData\Local\Temp\ntdll_dump.dll
C:\Users\BobsonGaming\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\BobsonGaming\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\BobsonGaming\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\BobsonGaming\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\BobsonGaming\AppData\Local\Temp\nvStInst.exe
C:\Users\BobsonGaming\AppData\Local\Temp\Quarantine.exe
C:\Users\BobsonGaming\AppData\Local\Temp\swt-win32-3349.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-29 15:38
 
==================== End Of Log ============================

Step 7B Addition 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by BobsonGaming at 2014-02-04 18:00:26
Running from C:\Users\BobsonGaming\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
AI Suite II (x32 Version: 2.01.01 - ASUSTeK Computer Inc.)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (x32 Version:  - )
ASUS WebStorage Sync Agent (x32 Version: 1.1.11.125 - ASUS Cloud Corporation)
Battle.net (x32 Version:  - Blizzard Entertainment)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon MG2100 series MP Drivers (Version:  - )
CCleaner (Version: 4.07 - Piriform)
Empire: Total War (x32 Version:  - The Creative Assembly)
ERUNT 1.1j (x32 Version:  - Lars Hederer)
ESET Online Scanner v3 (x32 Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version:  - Blizzard Entertainment)
Intel® Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel® Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel)
Intel® Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel) Hidden
Intel® Rapid Storage Technology (x32 Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (x32 Version:  - Intel Corporation)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
League of Legends (x32 Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
mIRC (x32 Version: 7.32 - mIRC Co. Ltd.)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Pidgin (x32 Version: 2.10.7 - )
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB 2 (x32 Version: 1.04.01 - Creative Technology Limited)
StarCraft II (x32 Version:  - Blizzard Entertainment)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Total War: ROME II (x32 Version:  - Creative Assembly)
Total War: SHOGUN 2 (x32 Version:  - The Creative Assembly)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
WinRAR 4.20 (64-bit) (Version: 4.20.0 - win.rar GmbH)
Yahoo! Messenger (x32 Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
02-02-2014 21:13:11 Scheduled Checkpoint
03-02-2014 05:16:32 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0C7B7951-3F7D-47FF-9504-8EFC5DE275FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14] (Google Inc.)
Task: {29DD38FB-98F0-40DF-B741-A205A5CE0453} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {6DBF983E-8FFA-49A9-80B1-C00E617ED965} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {93345ADA-28F4-4689-8D7C-F639D0EB1216} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {93FED472-177A-4D3E-BD14-CB215F7406FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {BB1DFF24-2B57-4DC5-821F-5D1B7F5E70F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14] (Google Inc.)
Task: {CD007592-58D7-4F1E-96C1-2C8B4ED46121} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {D1ADD411-EE22-4AD3-AD98-2A52C065A724} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E333CA77-6FBB-46D4-9C54-CE94B23BE0E3} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-06-25 16:32 - 2010-06-08 12:23 - 00236544 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-14 19:26 - 2014-02-04 17:28 - 00039936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-14 19:26 - 2010-06-28 20:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-06-14 19:28 - 2012-05-17 04:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-06-14 19:28 - 2012-07-05 11:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-02-03 20:49 - 2014-02-01 17:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 20:49 - 2014-02-01 17:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 20:49 - 2014-02-01 17:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 20:49 - 2014-02-01 17:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 20:49 - 2014-02-01 17:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2013-08-14 16:51 - 2013-08-14 16:51 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67f2d87ba056e1075fce76a8c50bb57e\IsdiInterop.ni.dll
2013-06-14 19:20 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-06-14 19:21 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/04/2014 05:59:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 05:37:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 05:37:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2014 05:30:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2014 05:29:24 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (02/04/2014 05:24:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2014 05:23:05 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
Error: (02/04/2014 05:59:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BobsonGaming\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/04/2014 05:37:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BobsonGaming\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/04/2014 05:37:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BobsonGaming\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/04/2014 05:30:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2014 05:29:24 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (02/04/2014 05:24:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2014 05:23:05 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 19%
Total physical RAM: 16328.13 MB
Available physical RAM: 13122.14 MB
Total Pagefile: 16426.31 MB
Available Pagefile: 13061.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: (ssd) (Fixed) (Total:238.37 GB) (Free:168.65 GB) NTFS
Drive e: (WD1TBHDBob1) (Fixed) (Total:931.51 GB) (Free:863.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 5AD6B294)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 626E931E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • Root Admin

Please uninstall ALL versions of Java from your Control Panel, Add/Remove and then reboot and run the following.

Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.
Then run the following:

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.
Next, please download Security Check by screen317 from HERE or HERE.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get "Unsupported operating system. Aborting now", just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

I'm having difficulty at this point. When I downloaded it, it said there's a new JavaRa available. I clicked "no" and proceeded to the update portion. The program is not updating. The wheel just spins and nothing is downloaded. After a while, I cancelled out and downloaded the new version, 2.5 (the one you linked was 2.0), but when I went to follow the steps, "Create log file" was no longer an option, so I deleted that version of the program. Please advise how I should proceed.


javara log... 

 

 

JavaRa 1.16 Removal Log.
 
Report follows after line.
 
------------------------------------
 
The JavaRa removal process was started on Wed Feb 05 01:01:08 2014
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.
 
Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
 
Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}
 
Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
 
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}
 
Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
 
Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}
 
Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit
 
Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}
 
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled
 
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0
 
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
 
Found and removed: SOFTWARE\JavaSoft
 
Found and removed: SOFTWARE\JreMetrics
 
Found and removed: SOFTWARE\MozillaPlugins
 
------------------------------------
 
Finished reporting.

 Results of screen317's Security Check version 0.99.79  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

  Adobe Flash Player 12.0.0.43 Flash Player out of Date!  

 Adobe Reader 10.1.9 Adobe Reader out of Date!  

 Mozilla Firefox (26.0) 

 Google Chrome 32.0.1700.102  

 Google Chrome 32.0.1700.107  

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

  • Root Admin

Please see the following and update your Adobe Flash.

https://forums.malwarebytes.org/index.php?showtopic=141703

Then also check for any Adobe Reader updates as well.

Then reboot one more time and run the following and post back the log please.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.


MiniToolBox by Farbar  Version: 23-01-2014

Ran by BobsonGaming (administrator) on 05-02-2014 at 01:33:34

Running from "C:\Users\BobsonGaming\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ============================== 

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ============================== 

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : BobsonGaming-PC

   Primary Dns Suffix  . . . . . . . : 

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : Home

 

Ethernet adapter Local Area Connection:

 

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection

   Physical Address. . . . . . . . . : 08-60-6E-F0-28-3A

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::c8c7:e978:a991:f0a2%11(Preferred) 

   IPv4 Address. . . . . . . . . . . : 192.168.254.1(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Wednesday, February 05, 2014 1:29:46 AM

   Lease Expires . . . . . . . . . . : Wednesday, July 28, 2021 4:29:46 PM

   Default Gateway . . . . . . . . . : 192.168.254.254

   DHCP Server . . . . . . . . . . . : 192.168.254.254

   DHCPv6 IAID . . . . . . . . . . . : 235429998

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-4C-86-AF-08-60-6E-F0-28-3A

   DNS Servers . . . . . . . . . . . : 192.168.254.254

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter isatap.Home:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1095:3b85:3f57:1fe(Preferred) 

   Link-local IPv6 Address . . . . . : fe80::1095:3b85:3f57:1fe%13(Preferred) 

   Default Gateway . . . . . . . . . : ::

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  MyRouter.Home

Address:  192.168.254.254

 

Name:    google.com

Addresses:  2607:f8b0:4003:c02::8a

 173.194.64.138

 173.194.64.139

 173.194.64.100

 173.194.64.101

 173.194.64.102

 173.194.64.113

 

 

Pinging google.com [173.194.64.138] with 32 bytes of data:

Reply from 173.194.64.138: bytes=32 time=72ms TTL=48

Reply from 173.194.64.138: bytes=32 time=74ms TTL=48

 

Ping statistics for 173.194.64.138:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 72ms, Maximum = 74ms, Average = 73ms

Server:  MyRouter.Home

Address:  192.168.254.254

 

Name:    yahoo.com

Addresses:  98.138.253.109

 98.139.183.24

 206.190.36.45

 

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=76ms TTL=51

Reply from 98.138.253.109: bytes=32 time=73ms TTL=51

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 73ms, Maximum = 76ms, Average = 74ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 2ms, Maximum = 4ms, Average = 3ms

===========================================================================

Interface List

 11...08 60 6e f0 28 3a ......Intel® 82579V Gigabit Network Connection

  1...........................Software Loopback Interface 1

 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0  192.168.254.254    192.168.254.1     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

    192.168.254.0    255.255.255.0         On-link     192.168.254.1    276

    192.168.254.1  255.255.255.255         On-link     192.168.254.1    276

  192.168.254.255  255.255.255.255         On-link     192.168.254.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link     192.168.254.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link     192.168.254.1    276

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

 13     58 ::/0                     On-link

  1    306 ::1/128                  On-link

 13     58 2001::/32                On-link

 13    306 2001:0:9d38:6ab8:1095:3b85:3f57:1fe/128

                                    On-link

 11    276 fe80::/64                On-link

 13    306 fe80::/64                On-link

 13    306 fe80::1095:3b85:3f57:1fe/128

                                    On-link

 11    276 fe80::c8c7:e978:a991:f0a2/128

                                    On-link

  1    306 ff00::/8                 On-link

 13    306 ff00::/8                 On-link

 11    276 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (02/05/2014 01:31:34 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:29:59 AM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/05/2014 01:15:03 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:13:28 AM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/05/2014 01:07:58 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:06:22 AM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/04/2014 08:43:35 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/04/2014 08:41:59 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/04/2014 08:35:28 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/04/2014 08:33:55 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

 

System errors:

=============

Error: (02/05/2014 01:04:17 AM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/04/2014 11:27:46 PM) (Source: Microsoft Antimalware) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.165.3263.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.4.0304.00

 

Source Path: 4.4.0304.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

 

Microsoft Office Sessions:

=========================

Error: (02/05/2014 01:31:34 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:29:59 AM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/05/2014 01:15:03 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:13:28 AM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/05/2014 01:07:58 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2014 01:06:22 AM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/04/2014 08:43:35 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/04/2014 08:41:59 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/04/2014 08:35:28 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/04/2014 08:33:55 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

 

=========================== Installed Programs ============================

 

Adobe Flash Player 12 ActiveX (Version: 12.0.0.44)

Adobe Flash Player 12 Plugin (Version: 12.0.0.44)

Adobe Reader XI (11.0.06)  MUI (Version: 11.0.06)

AI Suite II (Version: 2.01.01)

Apple Application Support (Version: 3.0)

Apple Mobile Device Support (Version: 7.1.0.32)

Apple Software Update (Version: 2.1.3.127)

Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.3.0)

Asmedia ASM106x SATA Host Controller Driver

ASUS WebStorage Sync Agent (Version: 1.1.11.125)

Battle.net

Bonjour (Version: 3.0.0.10)

Canon MG2100 series MP Drivers

CCleaner (Version: 4.07)

Empire: Total War

ERUNT 1.1j

ESET Online Scanner v3

GeForce Experience NvStream Client Components (Version: 1.6.28)

Google Chrome (Version: 32.0.1700.107)

Google Update Helper (Version: 1.3.22.3)

Hearthstone

Intel® Management Engine Components (Version: 8.1.0.1252)

Intel® Network Connections 17.3.63.0 (Version: 17.3.63.0)

Intel® Rapid Storage Technology (Version: 11.1.0.1006)

Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.5.235)

Intel® Trusted Connect Service Client (Version: 1.24.388.1)

Intel® Watchdog Timer Driver (Intel® WDT)

iTunes (Version: 11.1.4.62)

League of Legends (Version: 3.0.0)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)

Microsoft Security Client (Version: 4.4.0304.0)

Microsoft Security Essentials (Version: 4.4.304.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

mIRC (Version: 7.32)

Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)

Mozilla Maintenance Service (Version: 26.0)

NVIDIA 3D Vision Controller Driver 331.82 (Version: 331.82)

NVIDIA 3D Vision Driver 331.82 (Version: 331.82)

NVIDIA Control Panel 331.82 (Version: 331.82)

NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1)

NVIDIA Graphics Driver 331.82 (Version: 331.82)

NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.142.992)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA Network Service (Version: 1.0)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3182)

NVIDIA Update 10.11.15 (Version: 10.11.15)

NVIDIA Update Core (Version: 10.11.15)

NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19)

OpenOffice.org 3.4.1 (Version: 3.41.9593)

Pidgin (Version: 2.10.7)

QuickTime (Version: 7.74.80.86)

Realtek High Definition Audio Driver (Version: 6.0.1.6699)

SHIELD Streaming (Version: 1.6.85)

Sid Meier's Civilization V

Skype™ 6.11 (Version: 6.11.102)

Sound Blaster X-Fi MB 2 (Version: 1.04.01)

StarCraft II

Steam (Version: 1.0.0.0)

Total War: ROME II

Total War: SHOGUN 2

VLC media player 2.0.7 (Version: 2.0.7)

WinRAR 4.20 (64-bit) (Version: 4.20.0)

Yahoo! Messenger

 

========================= Devices: ================================

 

Name: Reflector Display Driver used to gain access to graphics data

Description: Reflector Display Driver used to gain access to graphics data

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: RDPREFMP

 

Name: Microsoft Windows Management Interface for ACPI

Description: Microsoft Windows Management Interface for ACPI

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: WmiAcpi

 

Name: Xeon® processor E3-1200 v2/3rd Gen Core processor DRAM Controller - 0150

Description: Xeon® processor E3-1200 v2/3rd Gen Core processor DRAM Controller - 0150

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: 

 

Name: System Attribute Cache

Description: System Attribute Cache

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: discache

 

Name: High Definition Audio Controller

Description: High Definition Audio Controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: HDAudBus

 

Name: USB Root Hub

Description: USB Root Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service: asmthub3

 

Name: WAN Miniport (L2TP)

Description: WAN Miniport (L2TP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: Rasl2tp

 

Name: msahci

Description: msahci

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: msahci

 

Name: Link-Layer Topology Discovery Responder

Description: Link-Layer Topology Discovery Responder

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: rspndr

 

Name: Microsoft Windows Management Interface for ACPI

Description: Microsoft Windows Management Interface for ACPI

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: WmiAcpi

 

Name: LDDM Graphics Subsystem

Description: LDDM Graphics Subsystem

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: DXGKrnl

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

Name: WAN Miniport (Network Monitor)

Description: WAN Miniport (Network Monitor)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

 

Name: ACPI Thermal Zone

Description: ACPI Thermal Zone

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Generic volume

Description: Generic volume

Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}

Manufacturer: Microsoft

Service: volsnap

 

Name: Security Driver

Description: Security Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: secdrv

 

Name: Intel® 82802 Firmware Hub Device

Description: Intel® 82802 Firmware Hub Device

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: 

 

Name: msisadrv

Description: msisadrv

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: msisadrv

 

Name: WAN Miniport (IP)

Description: WAN Miniport (IP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

 

Name: WDC WD10EZEX-00RKKA0

Description: Disk drive

Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard disk drives)

Service: disk

 

Name: ACPI Thermal Zone

Description: ACPI Thermal Zone

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Xeon® processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0151

Description: Xeon® processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0151

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: pci

 

Name: Intel® 7 Series/C216 Chipset Family SMBus Host Controller - 1E22

Description: Intel® 7 Series/C216 Chipset Family SMBus Host Controller - 1E22

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: 

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

 

Name: Intel® Watchdog Timer Driver (Intel® WDT)

Description: Intel® Watchdog Timer Driver (Intel® WDT)

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: ICCWDT

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

Name: ATA Channel 0

Description: IDE Channel

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard IDE ATA/ATAPI controllers)

Service: atapi

 

Name: HID-compliant mouse

Description: HID-compliant mouse

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: mouhid

 

Name: Microsoft ACPI-Compliant System

Description: Microsoft ACPI-Compliant System

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: ACPI

 

Name: WAN Miniport (IPv6)

Description: WAN Miniport (IPv6)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

 

Name: Programmable interrupt controller

Description: Programmable interrupt controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Generic PnP Monitor

Description: Generic PnP Monitor

Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard monitor types)

Service: monitor

 

Name: NDIS System Driver

Description: NDIS System Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: NDIS

 

Name: ACPI Fixed Feature Button

Description: ACPI Fixed Feature Button

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: WAN Miniport (PPPOE)

Description: WAN Miniport (PPPOE)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasPppoe

 

Name: Generic volume

Description: Generic volume

Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}

Manufacturer: Microsoft

Service: volsnap

 

Name: ATA Channel 1

Description: IDE Channel

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard IDE ATA/ATAPI controllers)

Service: atapi

 

Name: Xeon® processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0155

Description: Xeon® processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0155

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: pci

 

Name: System timer

Description: System timer

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26

Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Intel

Service: usbehci

 

Name: NDProxy

Description: NDProxy

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: NDProxy

 

Name: Bitlocker Drive Encryption Filter Driver

Description: Bitlocker Drive Encryption Filter Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: fvevol

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: WAN Miniport (PPTP)

Description: WAN Miniport (PPTP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: PptpMiniport

 

Name: Intel® Core i5-3570K CPU @ 3.40GHz

Description: Intel Processor

Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}

Manufacturer: Intel

Service: intelppm

 

Name: Microsoft ISATAP Adapter

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

 

Name: High precision event timer

Description: High precision event timer

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: HTTP

Description: HTTP

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: HTTP

 

Name: TCP/IP Protocol Driver

Description: TCP/IP Protocol Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Tcpip

 

Name: HID Keyboard Device

Description: HID Keyboard Device

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: kbdhid

 

Name: WAN Miniport (SSTP)

Description: WAN Miniport (SSTP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasSstp

 

Name: Direct memory access controller

Description: Direct memory access controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

 

Name: Hardware Policy Driver

Description: Hardware Policy Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: hwpolicy

 

Name: NETBT

Description: NETBT

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: NetBT

 

Name: Intel® 82579V Gigabit Network Connection

Description: Intel® 82579V Gigabit Network Connection

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: e1cexpress

 

Name: RAS Async Adapter

Description: RAS Async Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: AsyncMac

 

Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D

Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Intel

Service: usbehci

 

Name: HID Keyboard Device

Description: HID Keyboard Device

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: kbdhid

 

Name: USB Composite Device

Description: USB Composite Device

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service: usbccgp

 

Name: TCP/IP Registry Compatibility

Description: TCP/IP Registry Compatibility

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: tcpipreg

 

Name: ACPI x64-based PC

Description: ACPI x64-based PC

Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard computers)

Service: \Driver\ACPI_HAL

 

Name: Terminal Server Keyboard Driver

Description: Terminal Server Keyboard Driver

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: TermDD

 

Name: PCI bus

Description: PCI bus

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: pci

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

 

Name: USB Composite Device

Description: USB Composite Device

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service: usbccgp

 

Name: KSecDD

Description: KSecDD

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: KSecDD

 

Name: Microsoft Network Inspection System

Description: Microsoft Network Inspection System

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: NisDrv

 

Name: File as Volume Driver

Description: File as Volume Driver

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: blbdrive

 

Name: Intel® USB 3.0 Root Hub

Description: Intel® USB 3.0 Root Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Intel® Corporation

Service: iusb3hub

 

Name: HID-compliant mouse

Description: HID-compliant mouse

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: mouhid

 

Name: System CMOS/real time clock

Description: System CMOS/real time clock

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Terminal Server Mouse Driver

Description: Terminal Server Mouse Driver

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: TermDD

 

Name: NetIO Legacy TDI Support Driver

Description: NetIO Legacy TDI Support Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: tdx

 

Name: USB Input Device (Logitech Download Assistant)

Description: USB Input Device (Logitech Download Assistant)

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: Logitech (x64)

Service: HidUsb

 

Name: Composite Bus Enumerator

Description: Composite Bus Enumerator

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: CompositeBus

 

Name: Plug and Play Software Device Enumerator

Description: Plug and Play Software Device Enumerator

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: swenum

 

Name: KSecPkg

Description: KSecPkg

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: KSecPkg

 

Name: System board

Description: System board

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Intel® Core i5-3570K CPU @ 3.40GHz

Description: Intel Processor

Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}

Manufacturer: Intel

Service: intelppm

 

Name: USB Input Device

Description: USB Input Device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: HidUsb

 

Name: High Definition Audio Controller

Description: High Definition Audio Controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: HDAudBus

 

Name: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller

Description: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: iaStor

 

Name: Intel® USB 3.0 eXtensible Host Controller

Description: Intel® USB 3.0 eXtensible Host Controller

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Intel® Corporation

Service: iusb3xhc

 

Name: ASUS DRW-24B1ST   c

Description: CD-ROM Drive

Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard CD-ROM drives)

Service: cdrom

 

Name: UMBus Root Bus Enumerator

Description: UMBus Root Bus Enumerator

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: umbus

 

Name: Ancillary Function Driver for Winsock

Description: Ancillary Function Driver for Winsock

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: AFD

 

Name: Motherboard resources

Description: Motherboard resources

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: NSI proxy service driver.

Description: NSI proxy service driver.

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: nsiproxy

 

Name: Link-Layer Topology Discovery Mapper I/O Driver

Description: Link-Layer Topology Discovery Mapper I/O Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: lltdio

 

Name: VgaSave

Description: VgaSave

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: VgaSave

 

Name: HID-compliant consumer control device

Description: HID-compliant consumer control device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: Microsoft

Service: 

 

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)

Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: nvvad_WaveExtensible

 

Name: Realtek High Definition Audio

Description: Realtek High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Realtek

Service: IntcAzAudAddService

 

Name: USB Input Device

Description: USB Input Device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: HidUsb

 

Name: Motherboard resources

Description: Motherboard resources

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: AsIO

Description: AsIO

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: AsIO

 

Name: USB Input Device

Description: USB Input Device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: HidUsb

 

Name: Dynamic Volume Manager

Description: Dynamic Volume Manager

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: volmgrx

 

Name: Motherboard resources

Description: Motherboard resources

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Microsoft Virtual Drive Enumerator Driver

Description: Microsoft Virtual Drive Enumerator Driver

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: vdrvroot

 

Name: AsUpIO

Description: AsUpIO

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: AsUpIO

 

Name: NVIDIA GeForce GTX 660 

Description: NVIDIA GeForce GTX 660 

Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: nvlddmkm

 

Name: Null

Description: Null

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Null

 

Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10

Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: pci

 

Name: Intel® Management Engine Interface 

Description: Intel® Management Engine Interface 

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: MEIx64

 

Name: Motherboard resources

Description: Motherboard resources

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: Storage volumes

Description: Storage volumes

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: volsnap

 

Name: Volume Manager

Description: Volume Manager

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: volmgr

 

Name: USB Input Device

Description: USB Input Device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: HidUsb

 

Name: UMBus Enumerator

Description: UMBus Enumerator

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: umbus

 

Name: IDE Channel

Description: IDE Channel

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: atapi

 

Name: Numeric data processor

Description: Numeric data processor

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Performance Counters for Windows Driver

Description: Performance Counters for Windows Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: pcw

 

Name: Generic USB Hub

Description: Generic USB Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Generic USB Hub)

Service: usbhub

 

Name: Intel® Core i5-3570K CPU @ 3.40GHz

Description: Intel Processor

Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}

Manufacturer: Intel

Service: intelppm

 

Name: Remote Access IPv6 ARP Driver

Description: Remote Access IPv6 ARP Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Wanarpv6

 

Name: Mount Point Manager

Description: Mount Point Manager

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: mountmgr

 

Name: Beep

Description: Beep

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Beep

 

Name: PEAUTH

Description: PEAUTH

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: PEAUTH

 

Name: Microsoft ACPI-Compliant Embedded Controller

Description: Microsoft ACPI-Compliant Embedded Controller

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Asmedia 106x SATA Controller

Description: Asmedia 106x SATA Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Asmedia Technology

Service: asahci64

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: Kernel Mode Driver Frameworks service

Description: Kernel Mode Driver Frameworks service

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Wdf01000

 

Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 5 - 1E18

Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 5 - 1E18

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: pci

 

Name: Generic USB Hub

Description: Generic USB Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Generic USB Hub)

Service: usbhub

 

Name: Intel® Z77 Express Chipset LPC Controller - 1E44

Description: Intel® Z77 Express Chipset LPC Controller - 1E44

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: msisadrv

 

Name: QoS Packet Scheduler

Description: QoS Packet Scheduler

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: Psched

 

Name: ACPI Fan

Description: ACPI Fan

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: WFP Lightweight Filter

Description: WFP Lightweight Filter

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: WfpLwf

 

Name: Windows Firewall Authorization Driver

Description: Windows Firewall Authorization Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: mpsdrv

 

Name: USB Root Hub

Description: USB Root Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service: usbhub

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

Name: ACPI Fan

Description: ACPI Fan

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Samsung SSD 840 PRO Seri

Description: Disk drive

Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard disk drives)

Service: disk

 

Name: ACPI Fan

Description: ACPI Fan

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: User Mode Driver Frameworks Platform Driver

Description: User Mode Driver Frameworks Platform Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: WudfPf

 

Name: Common Log (CLFS)

Description: Common Log (CLFS)

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: CLFS

 

Name: USB Root Hub

Description: USB Root Hub

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service: usbhub

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

Name: ASMedia XHCI Controller

Description: ASMedia XHCI Controller

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: ASMedia Technology Inc

Service: asmtxhci

 

Name: RDPCDD

Description: RDPCDD

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: RDPCDD

 

Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 8 - 1E1E

Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 8 - 1E1E

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: pci

 

Name: ACPI Fan

Description: ACPI Fan

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: Intel® Core i5-3570K CPU @ 3.40GHz

Description: Intel Processor

Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}

Manufacturer: Intel

Service: intelppm

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

Name: Microsoft System Management BIOS Driver

Description: Microsoft System Management BIOS Driver

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: mssmbios

 

Name: CNG

Description: CNG

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: CNG

 

Name: ACPI Fan

Description: ACPI Fan

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: RDP Encoder Mirror Driver

Description: RDP Encoder Mirror Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: RDPENCDD

 

Name: Generic volume

Description: Generic volume

Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}

Manufacturer: Microsoft

Service: volsnap

 

Name: WAN Miniport (IKEv2)

Description: WAN Miniport (IKEv2)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasAgileVpn

 

Name: ACPI Power Button

Description: ACPI Power Button

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard system devices)

Service: 

 

Name: HID-compliant device

Description: HID-compliant device

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service: 

 

Name: Generic volume shadow copy

Description: Generic volume shadow copy

Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}

Manufacturer: Microsoft

Service: 

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 14%

Total physical RAM: 16328.13 MB

Available physical RAM: 14007.82 MB

Total Pagefile: 16426.31 MB

Available Pagefile: 14069.34 MB

Total Virtual: 4095.88 MB

Available Virtual: 3966.66 MB

 

========================= Partitions: =====================================

 

1 Drive c: (ssd) (Fixed) (Total:238.37 GB) (Free:169.31 GB) NTFS

3 Drive e: (WD1TBHDBob1) (Fixed) (Total:931.51 GB) (Free:869.42 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\BOBSONGAMING-PC

 

Administrator            BobsonGaming             Guest                    

 

========================= Minidump Files ==================================

 

No minidump file found

 

 

**** End of log ****