Hi there,

 

I've been having a problem recently when attempting to do a full scan with Malwarebytes. At about 65-70% into the scan my computer starts to become sluggish and very quickly becomes unresponsive to the point that I am unable to do anything but perform a hard reset.

 

This has happened every time I've tried a full scan. I haven't been able to get a scan off properly in safe mode either without the same thing happening.

 

Avast also seems to have this problem and does the same thing during a full scan.

 

Additionally, in the last few days my computer has been getting similar crashes even when I'm not performing a scan, although these are few and far between.

 

I fear this is maybe being caused by a virus but as I cannot complete a full scan I have no idea what to do past this point.

 

Please find pasted below my "dds" and "attach" logs:

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by UKGC at 22:16:15 on 2014-02-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8173.3840 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\sysWow64\CtHdaSvc.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Battle.net\Battle.net.4124\Battle.net.exe
C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
C:\Program Files (x86)\World of Warcraft\Wow-64.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Games\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [sound Blaster Recon3D PCIe Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{88F82BCA-EC36-41A1-AFFF-20D6877BBA91} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{88F82BCA-EC36-41A1-AFFF-20D6877BBA91}\244584F6D65684572623D243B43474 : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-1 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-1 205320]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-23 56336]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-1 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-1 409832]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-12-1 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-1 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-1 50344]
R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2011-11-14 104448]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-28 8704]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-18 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-29 16939296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2013-7-3 619904]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 cthda;SB Recon3D HDAudio;C:\Windows\System32\drivers\cthda.sys [2011-11-14 1265752]
R3 cthdb;SB Recon3D PCIe Audio Bus Filter;C:\Windows\System32\drivers\CtHDb.sys [2011-11-14 24152]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-2 66360]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-23 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-2 646248]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2011-6-15 1145960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2013-11-30 44640]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-6-4 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-6-4 79360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-6-30 1431888]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-7-3 13728]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-7-3 81824]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-7-3 15776]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-2 1255736]
.
=============== Created Last 30 ================
.
2014-01-31 13:42:30    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1BBCB892-4839-4525-B5D2-B65398E81F15}\mpengine.dll
2014-01-23 19:52:12    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2014-01-23 19:52:12    33056    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2014-01-18 20:14:33    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 18:51:45    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 18:51:45    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 18:51:45    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 18:51:45    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 18:51:45    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 18:51:45    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 18:51:45    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 18:51:44    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-15 18:51:44    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-08 23:15:37    --------    d-----w-    C:\Users\UKGC\AppData\Roaming\Rogue Legacy
.
==================== Find3M  ====================
.
2014-01-21 02:53:40    1048152    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-01-21 02:53:29    1179576    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-01-18 20:30:51    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-18 20:30:51    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-27 18:42:16    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 18:53:44    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-12-19 12:20:22    590112    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2013-12-19 05:01:48    3539040    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-12-18 06:13:56    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2013-12-06 14:26:24    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-12-01 22:57:05    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-12-01 22:57:05    84328    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-01 22:57:05    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-12-01 22:57:05    43152    ----a-w-    C:\Windows\avastSS.scr
2013-12-01 22:57:05    205320    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-12-01 22:57:05    1032416    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-11-30 16:16:12    44640    ----a-w-    C:\Windows\System32\drivers\aswTap.sys
2013-11-28 13:38:22    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2013-11-28 13:38:18    197408    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-22 08:36:08    1515296    ----a-w-    C:\Windows\System32\nvhdagenco6420103.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-05 16:29:02    281688    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2013-11-05 16:29:02    281688    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2013-11-05 16:24:17    281688    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
.
============= FINISH: 22:16:25.00 ===============
 

 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 02/05/2012 12:38:57
System Uptime: 02/02/2014 21:47:28 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P8Z68-V LX
Processor: Intel® Core i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 423.148 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ROOT\SIDESHOW\0000
Manufacturer:
Name:
PNP Device ID: ROOT\SIDESHOW\0000
Service:
.
Class GUID:
Description:
Device ID: ROOT\SIDESHOW\0001
Manufacturer:
Name:
PNP Device ID: ROOT\SIDESHOW\0001
Service:
.
==== System Restore Points ===================
.
RP352: 21/01/2014 10:10:34 - Windows Update
RP353: 23/01/2014 19:52:54 - Installed DirectX
RP354: 27/01/2014 10:54:41 - Installed DirectX
RP355: 28/01/2014 17:25:15 - Windows Update
.
==== Installed Programs ======================
.
A Walk in the Dark
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Photoshop Elements 11
Adobe Reader X (10.1.9)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
applicationupdater
Arma 2
Arma 2: Operation Arrowhead
Arma 2: Private Military Company
ARMA 2: Private Military Company - Data cache removal
Asmedia ASM104x USB 3.0 Host Controller Driver
Assassin's Creed Revelations
ASUS 802.11n WLAN Card Utilities & Driver
Autodesk 3ds Max 2012 64-bit - English
Autodesk Backburner 2012.0.0
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Medium Resolution Image Library 2012
Autodesk SketchBook Pro 6
AutoHotkey 1.0.48.05
avast! Free Antivirus
Bastion
Battle.net
BattlEye for OA Uninstall
BattlEye Uninstall
Beyond Good & Evil
Bleed v1.1
Bonjour
Borderlands 2
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Composite 2012 64-bit
Curse Client
Dark Souls: Prepare to Die Edition
Diablo III
Dolby Digital Live Pack
Dragon Age Awakening Redesigned
Dragon Age Awakening Velanna Redesigned©
Dragon Age II
Dragon Age Redesigned- Leliana's Song
Dragon Age Redesigned © Morrigan
Dragon Age Redesigned©
Dragon Age Redesigned© Leliana
Dragon Age Redesigned© Sten
Dragon Age Redesigned© Wynne
Dragon Age: Origins - Ultimate Edition
Dungeons of Dredmor
Dxtory version 2.0.123
Elements 11 Organizer
F.lux
Far Cry 3
FINAL FANTASY VII
Floris Mod Pack 2.54
Fraps (remove only)
FTL: Faster Than Light
Full Combat Rebalance 2 version 1.2
gamelauncher-ps2-live
gamelauncher-ps2-psg
GeForce Experience NvStream Client Components
GraphicsGale FreeEdition version 2.03.19
Guild Wars 2
Hearthstone
Hi-Rez Studios Authenticate and Update Service
Hotline Miami
iTunes
Java 7 Update 45 (64-bit)
Java 7 Update 51
Java Auto Updater
Lagarith Lossless Codec (1.3.27)
Legend of Grimrock
Logitech Gaming Software
Logitech Gaming Software 8.40
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Mass Effect
Mass Effect™ 3
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Movie Studio Platinum 12.0 (64-bit)
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT Redists
Mumble 1.2.3
My Game Long Name
Nexus Mod Manager
NIF Utilities 3.7.3.265452180 for 3ds Max
NVIDIA 3D Vision Controller Driver 332.21
NVIDIA 3D Vision Driver 332.21
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.2
NVIDIA Graphics Driver 332.21
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 11.10.11
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 11.10.11
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.20
OpenAL
Origin
Papers, Please
Paranautical Activity
Path of Exile
Portal 2
PSE11 STI Installer
Psychonauts
PunkBuster Services
Realtek Ethernet Controller Driver
Rogue Legacy
Scrolls
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
SHIELD Streaming
Skype™ 6.11
Sound Blaster Recon3D PCIe
Sound Blaster Recon3D PCIe Extras
Stalker Complete 2009 v1.4.4
Starbound
Steam
Surgeon Simulator 2013
The Elder Scrolls V: Skyrim
The Stanley Parable
The Walking Dead
The Walking Dead: Season Two
The Witcher 2: Assassins of Kings Enhanced Edition
Torchlight II
Trine 2
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Uplay
Ut Video Codec Suite
VLC media player 2.0.7
Wacom
Warcraft III
Warhammer 40,000: Dawn of War - Game of the Year Edition
Warhammer 40,000: Dawn of War – Dark Crusade
Warhammer 40,000: Dawn of War – Soulstorm
Warhammer 40,000: Dawn of War – Winter Assault
Warhammer® 40,000™: Dawn of War® II – Retribution™
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
Windows Live ID Sign-in Assistant
WinRAR 4.11 (32-bit)
World of Warcraft
XCOM: Enemy Unknown
.
==== Event Viewer Messages From Past Week ========
.
28/01/2014 17:23:30, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
28/01/2014 17:23:30, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 

 

 

Thank you for your time,

 

Kaathe

 


  • Root Admin

Hello and welcome!
 

Please read the following and post back the requested logs when ready.

General P2P/Piracy Warning:
 

 
If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable... It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive.
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 


Hi Advanced User,

 

The link RogueKiller 64-bit came up with a 404 error so I had to download it from here instead (Using the rendu2x64.png button)

 

Here is the RKreport log:

 

 

RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : UKGC [Admin rights]
Mode : Scan -- Date : 02/06/2014 14:53:06
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-9YN162 ATA Device +++++
--- User ---
[MBR] dd77d46b265a8d3bf49b56b48454cb6e
[bSP] 2f70951b358ab3ec628b9993ab94944d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02062014_145306.txt >>

 

 

Thanks for your help,

 

Kaathe


  • Root Admin

Yes, sorry about that.  I thought I had updated it already and even went back and updated some links for posts I'd made but I guess I missed yours.  Thanks for the log.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 


Hi AdvancedSetup,

 

Here are the logs-

 

 

mbar-log-2014-02-07 (14-37-52):

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
UKGC :: UKGC-PC [administrator]

07/02/2014 14:37:52
mbar-log-2014-02-07 (14-37-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 257126
Time elapsed: 18 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

 

system-log:

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.400000 GHz
Memory total: 8570216448, free: 6162235392

Downloaded database version: v2014.02.07.04
Downloaded database version: v2013.12.18.01
Initializing...
======================
------------ Kernel report ------------
     02/07/2014 14:37:49
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800773f790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8007183680
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800773f790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007649960, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800773f790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007194520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007183680, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: CE40F4DA

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 1953314816

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by UKGC on 07/02/2014 at 14:59:06.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\UKGC\AppData\Roaming\mozilla\firefox\profiles\f3qhrby2.default\minidumps [117 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/02/2014 at 15:03:11.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

AdwCleaner[s0]:

 

# AdwCleaner v3.018 - Report created 07/02/2014 at 15:12:47
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : UKGC - UKGC-PC
# Running from : C:\Users\UKGC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [767 octets] - [07/02/2014 15:09:10]
AdwCleaner[s0].txt - [689 octets] - [07/02/2014 15:12:47]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [748 octets] ##########

 

 

mbam-log-2014-02-07 (15-17-05):

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
UKGC :: UKGC-PC [administrator]

07/02/2014 15:17:05
mbam-log-2014-02-07 (15-17-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221994
Time elapsed: 4 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

Eset Online Log:

 

C:\Users\UKGC\Desktop\Toolboks\XCOM EW ToolBoks 1_6_4.exe    a variant of MSIL/Packed.Confuser.G potentially unwanted application
 

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by UKGC (administrator) on UKGC-PC on 07-02-2014 16:41:21
Running from C:\Users\UKGC\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Valve Corporation) C:\Games\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [updReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [sound Blaster Recon3D PCIe Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [880128 2011-11-14] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11D04451CAD7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Hide Favicons - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\hidefavicons@maarten.xpi [2013-06-22]
FF Extension: Reddit Enhancement Suite - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-06-22]
FF Extension: Readability - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\readability@readability.com.xpi [2013-11-01]
FF Extension: NoScript - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-22]
FF Extension: Download YouTube Videos as MP4 - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-01-19]
FF Extension: Adblock Plus - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-22]
FF Extension: Greasemonkey - C:\Users\UKGC\AppData\Roaming\Mozilla\Firefox\Profiles\f3qhrby2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-06-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-01]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [104448 2011-11-14] (Creative Technology Ltd)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-01] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-30] (The OpenVPN Project)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1265752 2011-11-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [24152 2011-11-14] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 ALSysIO; \??\C:\Users\UKGC\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz134; \??\C:\Users\UKGC\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-07 16:41 - 2014-02-07 16:41 - 00014728 _____ () C:\Users\UKGC\Desktop\FRST.txt
2014-02-07 16:41 - 2014-02-07 16:41 - 00000000 ____D () C:\FRST
2014-02-07 16:40 - 2014-02-07 16:40 - 02079744 _____ (Farbar) C:\Users\UKGC\Desktop\FRST64.exe
2014-02-07 15:25 - 2014-02-07 15:25 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-07 15:14 - 2014-02-07 15:14 - 00000827 _____ () C:\Users\UKGC\Desktop\AdwCleaner[s0].txt
2014-02-07 15:09 - 2014-02-07 15:12 - 00000000 ____D () C:\AdwCleaner
2014-02-07 15:08 - 2014-02-07 15:08 - 01166132 _____ () C:\Users\UKGC\Desktop\AdwCleaner.exe
2014-02-07 15:03 - 2014-02-07 15:03 - 00000894 _____ () C:\Users\UKGC\Desktop\JRT.txt
2014-02-07 14:59 - 2014-02-07 14:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-07 14:56 - 2014-02-07 14:57 - 01037530 _____ (Thisisu) C:\Users\UKGC\Desktop\JRT.exe
2014-02-07 14:37 - 2014-02-07 14:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-07 14:37 - 2014-02-07 14:37 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-07 14:36 - 2014-02-07 14:37 - 00000000 ____D () C:\Users\UKGC\Desktop\Mbar
2014-02-06 15:31 - 2014-02-06 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 14:53 - 2014-02-06 14:53 - 00001550 _____ () C:\Users\UKGC\Desktop\RKreport[0]_S_02062014_145306.txt
2014-02-06 14:51 - 2014-02-06 14:53 - 00000000 ____D () C:\Users\UKGC\Desktop\RK_Quarantine
2014-02-06 14:49 - 2014-02-06 14:49 - 04380160 _____ () C:\Users\UKGC\Desktop\RogueKillerX64.exe
2014-02-06 14:48 - 2014-02-06 14:48 - 00000000 ____D () C:\Users\UKGC\Desktop\ERUNT Backup
2014-02-06 14:47 - 2014-02-06 14:47 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-06 14:44 - 2014-02-06 14:46 - 00002038 _____ () C:\Users\UKGC\Desktop\Rkill.txt
2014-02-06 14:44 - 2014-02-06 14:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\UKGC\Desktop\rkill.exe
2014-02-05 20:49 - 2014-02-05 20:49 - 03544968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-03 17:38 - 2014-02-03 17:48 - 00000000 ____D () C:\Users\UKGC\Documents\Hardware Monitor
2014-02-02 22:16 - 2014-02-02 22:16 - 00018954 _____ () C:\Users\UKGC\Desktop\dds.txt
2014-02-02 22:16 - 2014-02-02 22:16 - 00009092 _____ () C:\Users\UKGC\Desktop\attach.txt
2014-02-02 22:10 - 2014-02-02 22:10 - 00688992 ____R (Swearware) C:\Users\UKGC\Desktop\dds.scr
2014-02-02 11:58 - 2014-02-02 11:58 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2014-02-01 19:50 - 2014-02-01 19:50 - 00003544 ____N () C:\bootsqm.dat
2014-01-23 19:52 - 2013-12-27 18:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-23 19:52 - 2013-12-27 18:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-20 12:16 - 2014-01-25 20:08 - 00000106 _____ () C:\Users\UKGC\Desktop\JSA.txt
2014-01-18 20:40 - 2013-12-19 20:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-18 20:40 - 2013-12-19 20:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-18 20:40 - 2013-12-19 20:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-18 20:40 - 2013-11-28 13:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-18 20:40 - 2013-11-28 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-18 20:40 - 2013-11-22 08:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-18 20:14 - 2014-01-18 20:14 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 20:14 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 20:14 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 20:14 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 20:14 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 20:18 - 2014-01-16 17:35 - 00000000 ____D () C:\Users\UKGC\Desktop\DeSmuME
2014-01-15 18:51 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:51 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:51 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:51 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-08 23:15 - 2014-01-08 23:15 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Rogue Legacy

==================== One Month Modified Files and Folders =======

2014-02-07 16:41 - 2014-02-07 16:41 - 00014728 _____ () C:\Users\UKGC\Desktop\FRST.txt
2014-02-07 16:41 - 2014-02-07 16:41 - 00000000 ____D () C:\FRST
2014-02-07 16:40 - 2014-02-07 16:40 - 02079744 _____ (Farbar) C:\Users\UKGC\Desktop\FRST64.exe
2014-02-07 16:40 - 2013-08-15 14:31 - 00000000 ____D () C:\Users\UKGC\AppData\Local\Battle.net
2014-02-07 15:49 - 2012-12-17 13:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 15:25 - 2014-02-07 15:25 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-07 15:21 - 2009-07-14 05:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-07 15:21 - 2009-07-14 04:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-07 15:21 - 2009-07-14 04:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-07 15:17 - 2012-05-02 11:38 - 01168600 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 15:14 - 2014-02-07 15:14 - 00000827 _____ () C:\Users\UKGC\Desktop\AdwCleaner[s0].txt
2014-02-07 15:14 - 2012-05-02 11:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-07 15:14 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 15:14 - 2009-07-14 04:51 - 00099334 _____ () C:\Windows\setupact.log
2014-02-07 15:13 - 2013-06-22 16:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-07 15:12 - 2014-02-07 15:09 - 00000000 ____D () C:\AdwCleaner
2014-02-07 15:08 - 2014-02-07 15:08 - 01166132 _____ () C:\Users\UKGC\Desktop\AdwCleaner.exe
2014-02-07 15:03 - 2014-02-07 15:03 - 00000894 _____ () C:\Users\UKGC\Desktop\JRT.txt
2014-02-07 14:59 - 2014-02-07 14:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-07 14:57 - 2014-02-07 14:56 - 01037530 _____ (Thisisu) C:\Users\UKGC\Desktop\JRT.exe
2014-02-07 14:56 - 2014-02-07 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-07 14:37 - 2014-02-07 14:37 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-07 14:37 - 2014-02-07 14:36 - 00000000 ____D () C:\Users\UKGC\Desktop\Mbar
2014-02-07 03:43 - 2012-06-23 16:56 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Skype
2014-02-07 02:00 - 2012-06-03 12:07 - 00000000 ____D () C:\Users\UKGC\AppData\Local\Adobe
2014-02-06 15:31 - 2014-02-06 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 14:53 - 2014-02-06 14:53 - 00001550 _____ () C:\Users\UKGC\Desktop\RKreport[0]_S_02062014_145306.txt
2014-02-06 14:53 - 2014-02-06 14:51 - 00000000 ____D () C:\Users\UKGC\Desktop\RK_Quarantine
2014-02-06 14:49 - 2014-02-06 14:49 - 04380160 _____ () C:\Users\UKGC\Desktop\RogueKillerX64.exe
2014-02-06 14:48 - 2014-02-06 14:48 - 00000000 ____D () C:\Users\UKGC\Desktop\ERUNT Backup
2014-02-06 14:47 - 2014-02-06 14:47 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-06 14:46 - 2014-02-06 14:44 - 00002038 _____ () C:\Users\UKGC\Desktop\Rkill.txt
2014-02-06 14:44 - 2014-02-06 14:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\UKGC\Desktop\rkill.exe
2014-02-05 22:30 - 2013-10-30 17:08 - 00000000 ____D () C:\Users\UKGC\AppData\Local\Deployment
2014-02-05 20:49 - 2014-02-05 20:49 - 03544968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 20:49 - 2012-12-17 13:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 20:49 - 2012-05-02 11:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 20:49 - 2012-05-02 11:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 14:13 - 2013-12-01 22:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-03 17:48 - 2014-02-03 17:38 - 00000000 ____D () C:\Users\UKGC\Documents\Hardware Monitor
2014-02-02 22:16 - 2014-02-02 22:16 - 00018954 _____ () C:\Users\UKGC\Desktop\dds.txt
2014-02-02 22:16 - 2014-02-02 22:16 - 00009092 _____ () C:\Users\UKGC\Desktop\attach.txt
2014-02-02 22:10 - 2014-02-02 22:10 - 00688992 ____R (Swearware) C:\Users\UKGC\Desktop\dds.scr
2014-02-02 11:58 - 2014-02-02 11:58 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2014-02-01 19:50 - 2014-02-01 19:50 - 00003544 ____N () C:\bootsqm.dat
2014-02-01 17:25 - 2012-05-02 11:38 - 00000000 ____D () C:\Users\UKGC
2014-02-01 17:08 - 2009-07-14 04:45 - 01912032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 15:05 - 2012-12-01 11:24 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\vlc
2014-01-30 13:51 - 2012-05-08 08:42 - 00060712 _____ () C:\Users\UKGC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 11:46 - 2012-08-17 19:45 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-01-27 10:56 - 2012-05-02 12:30 - 00463023 _____ () C:\Windows\DirectX.log
2014-01-26 00:00 - 2013-01-26 19:41 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-25 20:08 - 2014-01-20 12:16 - 00000106 _____ () C:\Users\UKGC\Desktop\JSA.txt
2014-01-25 09:45 - 2013-03-07 21:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 09:45 - 2012-06-23 16:56 - 00000000 ____D () C:\ProgramData\Skype
2014-01-23 19:52 - 2012-05-02 11:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-21 02:53 - 2013-10-29 15:32 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-21 02:53 - 2013-10-29 15:32 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 03:07 - 2013-04-23 13:48 - 00001456 _____ () C:\Users\UKGC\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-01-19 02:16 - 2013-09-11 17:06 - 00000000 ____D () C:\Users\UKGC\Desktop\DX Files
2014-01-19 02:16 - 2012-08-24 08:09 - 00000000 ____D () C:\Users\UKGC\Documents\Movie Studio Platinum 12.0 Projects
2014-01-18 20:41 - 2012-05-02 11:53 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-18 20:18 - 2013-10-29 15:38 - 00000000 ____D () C:\Users\UKGC\AppData\Local\NVIDIA
2014-01-18 20:17 - 2013-11-13 14:42 - 00000000 ____D () C:\Users\UKGC\AppData\Local\NVIDIA Corporation
2014-01-18 20:17 - 2012-05-02 11:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-18 20:15 - 2013-09-28 04:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-18 20:14 - 2014-01-18 20:14 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 20:14 - 2013-09-28 04:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-18 04:38 - 2013-11-14 07:51 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-01-17 03:18 - 2013-12-02 03:20 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-01-17 03:18 - 2013-08-15 14:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-16 17:35 - 2014-01-15 20:18 - 00000000 ____D () C:\Users\UKGC\Desktop\DeSmuME
2014-01-16 15:35 - 2012-05-09 12:22 - 00000000 ____D () C:\Users\UKGC\Documents\my games
2014-01-16 03:02 - 2013-08-15 00:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:00 - 2012-05-02 12:07 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-08 23:15 - 2014-01-08 23:15 - 00000000 ____D () C:\Users\UKGC\AppData\Roaming\Rogue Legacy
2014-01-08 23:15 - 2013-01-27 21:17 - 00000000 ____D () C:\Users\UKGC\Documents\SavedGames
2014-01-08 18:33 - 2013-08-28 00:52 - 00000000 ____D () C:\Users\UKGC\Desktop\Stoof

Some content of TEMP:
====================
C:\Users\UKGC\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\UKGC\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\UKGC\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\UKGC\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe
C:\Users\UKGC\AppData\Local\Temp\ntdll_dump.dll
C:\Users\UKGC\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\UKGC\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\UKGC\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\UKGC\AppData\Local\Temp\nvStInst.exe
C:\Users\UKGC\AppData\Local\Temp\Quarantine.exe
C:\Users\UKGC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\UKGC\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\UKGC\AppData\Local\Temp\vlc-2.0.7-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-30 11:08

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by UKGC at 2014-02-07 16:41:37
Running from C:\Users\UKGC\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKCU Version:  - Sony Online Entertainment)
Arma 2 (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (x32 Version:  - Bohemia Interactive)
ARMA 2: Private Military Company - Data cache removal (x32 Version:  - )
Arma 2: Private Military Company (x32 Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
Assassin's Creed Revelations (x32 Version:  - Ubisoft)
ASUS 802.11n WLAN Card Utilities & Driver (x32 Version: 1.00.0178 - REALTEK Semiconductor Corp.)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (x32 Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (Version:  - Autodesk)
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk SketchBook Pro 6 (x32 Version: 6.00.0000 - Autodesk)
AutoHotkey 1.0.48.05 (x32 Version: 1.0.48.05 - Chris Mallett)
avast! Free Antivirus (x32 Version: 9.0.2008 - Avast Software)
Bastion (x32 Version:  - Supergiant Games)
Battle.net (x32 Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (x32 Version:  - )
BattlEye Uninstall (x32 Version:  - )
Beyond Good & Evil (x32 Version:  - Ubisoft)
Bleed v1.1 (x32 Version:  - Bootdisk Revolution)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (x32 Version:  - Gearbox Software)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Composite 2012 64-bit (Version: 7.0.0 - Autodesk)
Curse Client (HKCU Version: 5.1.1.792 - Curse)
Dark Souls: Prepare to Die Edition (x32 Version:  - )
Diablo III (x32 Version:  - Blizzard Entertainment)
Dolby Digital Live Pack (x32 Version: 3.03 - Creative Technology Limited)
Dragon Age Awakening Redesigned (HKCU Version:  - )
Dragon Age Awakening Velanna Redesigned© (HKCU Version:  - )
Dragon Age II (x32 Version: 1.00 - Electronic Arts, Inc.)
Dragon Age Redesigned © Morrigan (HKCU Version:  - )
Dragon Age Redesigned- Leliana's Song (HKCU Version:  - )
Dragon Age Redesigned© (HKCU Version:  - )
Dragon Age Redesigned© Leliana (HKCU Version:  - )
Dragon Age Redesigned© Sten (HKCU Version:  - )
Dragon Age Redesigned© Wynne (HKCU Version:  - )
Dragon Age: Origins - Ultimate Edition (x32 Version:  - BioWare)
Dungeons of Dredmor (x32 Version:  - )
Dxtory version 2.0.123 (x32 Version: 2.0.123 - ExKode Co. Ltd.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ERUNT 1.1j (x32 Version:  - Lars Hederer)
F.lux (HKCU Version:  - )
Far Cry 3 (x32 Version: 1.05 - Ubisoft)
FINAL FANTASY VII (x32 Version:  - Square Enix)
Floris Mod Pack 2.54 (x32 Version:  - )
Fraps (remove only) (x32 Version:  - )
FTL: Faster Than Light (x32 Version:  - )
Full Combat Rebalance 2 version 1.2 (x32 Version: 1.2 - Andrzej Kwiatkowski)
gamelauncher-ps2-live (HKCU Version:  - Sony Online Entertainment)
gamelauncher-ps2-psg (HKCU Version:  - Sony Online Entertainment)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GraphicsGale FreeEdition version 2.03.19 (x32 Version:  - HUMANBALANCE Ltd.)
Guild Wars 2 (x32 Version:  - )
Hearthstone (x32 Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (x32 Version:  - )
iTunes (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lagarith Lossless Codec (1.3.27) (x32 Version:  - )
Legend of Grimrock (x32 Version:  - )
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (Version: 8.40.83 - Logitech Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mark of the Ninja (x32 Version:  - )
Mass Effect (x32 Version:  - BioWare)
Mass Effect™ 3 (x32 Version: 1.05.0.0 - Electronic Arts)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (Version: 12.0.756 - Sony)
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Mumble 1.2.3 (x32 Version: 1.2.3 - Thorvald Natvig)
My Game Long Name (Version:  - Epic Games, Inc.)
Nexus Mod Manager (Version: 0.46.0 - Black Tree Gaming)
NIF Utilities 3.7.3.265452180 for 3ds Max (Version:  - NIF File Format Library and Tools)
NVIDIA 3D Vision Controller Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Papers, Please (x32 Version:  - 3909)
Paranautical Activity (x32 Version:  - Code Avarice)
Path of Exile (x32 Version:  - Grinding Gear Games)
Portal 2 (x32 Version:  - Valve)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Psychonauts (x32 Version:  - Double Fine Productions)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011 - Realtek)
Rogue Legacy (x32 Version:  - Cellar Door Games)
Scrolls (x32 Version: 1.0.0 - Mojang)
Scrolls (x32 Version: 1.0.0 - Mojang) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (x32 Version: 1.00.09 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (x32 Version: 1.0 - Creative Technology Limited)
Stalker Complete 2009 v1.4.4 (x32 Version:  - )
Starbound (x32 Version:  - )
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Surgeon Simulator 2013 (x32 Version:  - Bossa Studios)
The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)
The Stanley Parable (x32 Version:  - Galactic Cafe)
The Walking Dead (x32 Version:  - )
The Walking Dead: Season Two (x32 Version:  - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version:  - CD Projekt RED)
Torchlight II (x32 Version:  - )
Trine 2 (x32 Version:  - )
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Uplay (x32 Version: 2.0 - Ubisoft)
Ut Video Codec Suite (Version: 13.1.0 - UMEZAWA Takeshi)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
Warcraft III (x32 Version:  - Blizzard Entertainment)
Warhammer 40,000: Dawn of War – Dark Crusade (x32 Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (x32 Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Soulstorm (x32 Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Winter Assault (x32 Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32 Version:  - Relic Entertainment)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (x32 Version: 4.11.0 - win.rar GmbH)
World of Warcraft (x32 Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (x32 Version:  - Firaxis Games)

==================== Restore Points  =========================

27-01-2014 10:54:41 Installed DirectX
28-01-2014 17:25:15 Windows Update
04-02-2014 18:02:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E9756FE-4BFF-4C7A-A53A-667C33C7A862} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-01] (AVAST Software)
Task: {1513571B-DF9E-4A3A-9BEE-CFDAB5BF5F35} - System32\Tasks\{C18CEAE4-9B19-4113-90BB-68BEF1A02448} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {344B8D5B-4216-4281-A059-085A766D562B} - System32\Tasks\{79514371-2918-4464-A03E-A18FEEF41F7A} => Firefox.exe http://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsProgressBar
Task: {4C38123B-1FE0-43BC-933B-A9E1E1D6BBDE} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-09-30] (Microsoft Corporation)
Task: {8CEB519B-D97E-46D4-8489-827C0DBC3119} - System32\Tasks\{13728652-F70D-433A-A501-D1FCC8129A93} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.114/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {99933892-FFE3-4EB7-9B77-B3CC92D26EE5} - System32\Tasks\AdobeAAMUpdater-1.0-UKGC-PC-UKGC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {EDAE8396-9088-4ACD-9896-DC55ED05764F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-05-09 15:56 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-07-03 14:06 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-02-07 14:25 - 2014-02-07 10:42 - 02171904 _____ () C:\Program Files\AVAST Software\Avast\defs\14020700\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-01 22:57 - 2013-12-01 22:57 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-06 15:31 - 2014-02-06 15:31 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-08 18:03 - 2013-12-12 22:19 - 00142848 _____ () C:\Games\Steam\libavresample-1.dll
2014-01-08 18:03 - 2013-11-05 01:12 - 00890592 _____ () C:\Games\Steam\libavutil-52.dll
2013-11-02 22:53 - 2014-01-10 23:33 - 00717312 _____ () C:\Games\Steam\SDL2.dll
2013-11-02 22:53 - 2014-01-27 19:02 - 01138088 _____ () C:\Games\Steam\bin\chromehtml.DLL
2013-11-02 22:53 - 2014-01-10 23:33 - 20625832 _____ () C:\Games\Steam\bin\libcef.dll
2013-11-02 22:53 - 2013-06-14 23:49 - 01100800 _____ () C:\Games\Steam\bin\avcodec-53.dll
2013-11-02 22:53 - 2013-06-14 23:49 - 00124416 _____ () C:\Games\Steam\bin\avutil-51.dll
2013-11-02 22:53 - 2013-06-14 23:49 - 00192000 _____ () C:\Games\Steam\bin\avformat-53.dll
2014-02-05 20:49 - 2014-02-05 20:49 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/07/2014 03:25:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 03:25:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 03:25:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 03:25:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 03:23:00 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/07/2014 03:15:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (02/07/2014 03:25:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\UKGC\Desktop\esetsmartinstaller_enu.exe

Error: (02/07/2014 03:25:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\UKGC\Desktop\esetsmartinstaller_enu.exe

Error: (02/07/2014 03:25:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\UKGC\Desktop\esetsmartinstaller_enu.exe

Error: (02/07/2014 03:25:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\UKGC\Desktop\esetsmartinstaller_enu.exe

Error: (02/07/2014 03:23:00 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/07/2014 03:15:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8173.2 MB
Available physical RAM: 5358.4 MB
Total Pagefile: 16344.57 MB
Available Pagefile: 13432.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:428.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CE40F4DA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

 

Thanks,

 

Kaathe


  • Root Admin

Please run a Full Disk Check on your system drive. If needed, here are some links on how to run a Disk Check.

On Windows 7 the disk check log is in the Event Logs under Application, with a source heading of Wininit.

How to Run Disk Check in Windows 7

How to Run Check Disk at Startup in Vista or Windows 7

 


Here is the chkdsk log:

 

 

 

TimeCreated : 08/02/2014 17:31:07
Message     :
              
              Checking file system on C:
              The type of the file system is NTFS.
              
              A disk check has been scheduled.
              Windows will now check the disk.                         
              
              CHKDSK is verifying files (stage 1 of 5)...
                427264 file records processed.                                 
                      
              File verification completed.
                1826 large file records processed.                             
                    
                0 bad file records processed.                                  
                 
                0 EA records processed.                                        
                 
                44 reparse records processed.                                  
                  
              CHKDSK is verifying indexes (stage 2 of 5)...
                516686 index entries processed.                                
                      
              Index verification completed.
                0 unindexed files scanned.                                     
                 
                0 unindexed files recovered.                                   
                 
              CHKDSK is verifying security descriptors (stage 3 of 5)...
                427264 file SDs/SIDs processed.                                
                      
              Cleaning up 29 unused index entries from index $SII of file 0x9.
              Cleaning up 29 unused index entries from index $SDH of file 0x9.
              Cleaning up 29 unused security descriptors.
              Security descriptor verification completed.
                44712 data files processed.                                    
                     
              CHKDSK is verifying Usn Journal...
                34960920 USN bytes processed.                                  
                        
              Usn Journal verification completed.
              CHKDSK is verifying file data (stage 4 of 5)...
                427248 files processed.                                        
                      
              File data verification completed.
              CHKDSK is verifying free space (stage 5 of 5)...
                112092699 free clusters processed.                             
                         
              Free space verification is complete.
              Windows has checked the file system and found no problems.
              
               976657407 KB total disk space.
               527548388 KB in 345853 files.
                  179320 KB in 44713 indexes.
                      16 KB in bad sectors.
                  558887 KB in use by the system.
                   65536 KB occupied by the log file.
               448370796 KB available on disk.
              
                    4096 bytes in each allocation unit.
               244164351 total allocation units on disk.
               112092699 allocation units available on disk.
              
              Internal Info:
              00 85 06 00 b2 f5 05 00 52 d1 0a 00 00 00 00 00  ........R.......
              68 04 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  h...,...........
              00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
              
              Windows has finished checking your disk.
              Please wait while your computer restarts.

 

 

 

Thanks


Here is the log:

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.08.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
UKGC :: UKGC-PC [administrator]

08/02/2014 22:27:50
mbam-log-2014-02-08 (22-27-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222118
Time elapsed: 6 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 

Thanks


  • Root Admin

Great, that's good news.

 

At this time there are no more signs of an infection on your system.
However, if you are still seeing any signs of an infection, please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if run at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
It will also reset your System Restore by flushing out previous restore points and create a new restore point.
It will also remove all the backups our tools may have created.

Uninstall ComboFix (if used):

  • Turn off all active protection software including your antivirus.
  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • Please copy and paste the following into the box: ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

Remove the rest of the tools used:

Please download OTCleanIt and save it to your Desktop. This tool will remove all the tools we used to clean your PC.

  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes; if not, go ahead and delete it yourself.
  • If asked to restart the computer, please do so.


Note:

If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.


AdwCleaner Removal:
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

ESET antivirus Removal:
  • This tool can be uninstalled via the Control Panel, Programs, Uninstall


 
 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis, I advise not using Java if possible, but to at least disable Java in your web browsers.
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes PRO then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.


  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
