
BSoD Error, potentially caused by MWB..?


Storm


Not really sure what's up with this. My PC got the same BSoD while playing a game around 4 times today. I have an SSD, so I was able to reboot and hop right back into said game. After I close the game, I begin to browse a few websites. I get the BSoD again. Come back from dinner, it happens again. I hopped onto Google, hoping to find a solution to said error, and the error that I found was supposedly caused by MWB..? I booted into Safe Mode, uninstalled MWB, and I seem to be running fine now and have been for the past hour or so? I'm an avid MWB user, and definitely don't want to uninstall it permanently. Are there any solutions to fix this?

 

Picture of the error: (Soon to be uploaded shortly, phone weirded out on me)

 

PC Specs and Operating System: ucHmbVz.png

 

Thanks in advance for any help I can get on this. Please let me know if I need to post the dump logs. 

 

BAD_POOL_HEADER

 

Technical Information:

*** STOP: 0x00000019 (0x0000000000000020,0xFFFFFA8009A68100,0xFFFFFA8009A68120,0x0000000004020010)

Edited by AdvancedSetup
placed image inline

Hey, here are my logs.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01

Ran by J (administrator) on LONGSPEAK on 04-02-2015 21:33:25

Running from C:\Users\J\Downloads

Loaded Profiles: J (Available profiles: J)

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\DAODx.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Spotify Ltd) C:\Users\J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

(ShareX Developers) C:\Program Files\ShareX\ShareX.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-15] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\...\Run: [MultiWall] => "C:\Program Files (x86)\MultiWall\MultiWall.exe" -hide

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\...\Run: [spotify Web Helper] => C:\Users\J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-28] (Spotify Ltd)

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\...\Run: [GoogleChromeAutoLaunch_EC7D443C1E63C91CE213351B75D9A2A3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-26] (Google Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()

Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk

ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Developers)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:

========

FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\qgxufpbr.default

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Extension: Tamper Data - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\qgxufpbr.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-02-02]

Chrome:

=======

CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-28]

CHR Extension: (Google Docs) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-28]

CHR Extension: (Google Drive) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-28]

CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-28]

CHR Extension: (Adblock Plus) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-28]

CHR Extension: (Steam inventory helper) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-01-15]

CHR Extension: (Google Search) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-28]

CHR Extension: (AdBlock) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-28]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-28]

CHR Extension: (Geometry Theme) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhcfkokkfkkdhmnfeoeidaoleemdgmap [2014-12-28]

CHR Extension: (Google Wallet) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-28]

CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-28]

CHR Extension: (Reddit Trading Flair Linker Enhanced) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnahghpneiabcncanmccahgloopbbbgp [2014-12-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123096 2015-01-16] (altPUG LLC)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-15] (NVIDIA Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-15] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-15] (NVIDIA Corporation)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-04] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-15] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [25088 2015-02-02] (SteelSeries ApS)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 21:33 - 2015-02-04 21:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-02-04 21:33 - 2015-02-04 21:33 - 00011592 _____ () C:\Users\J\Downloads\FRST.txt

2015-02-04 21:33 - 2015-02-04 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-02-04 21:33 - 2015-02-04 21:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-02-04 21:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-02-04 21:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-02-04 21:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-02-04 21:31 - 2015-02-04 21:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\J\Downloads\mbam-setup-2.0.4.1028.exe

2015-02-04 21:29 - 2015-02-04 21:33 - 00000000 ____D () C:\FRST

2015-02-04 21:28 - 2015-02-04 21:28 - 02131968 _____ (Farbar) C:\Users\J\Downloads\FRST64.exe

2015-02-04 21:28 - 2015-02-04 21:28 - 01682416 _____ (Malwarebytes Corporation) C:\Users\J\Desktop\mbam-check-2.1.1.1001.exe

2015-02-04 19:58 - 2015-02-04 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2015-02-04 19:58 - 2015-02-04 19:58 - 00000000 ____D () C:\Program Files\Speccy

2015-02-03 18:27 - 2015-02-03 18:28 - 01333493 _____ () C:\Users\J\Documents\wat.wmv

2015-02-03 15:43 - 2015-02-03 15:43 - 00081075 _____ () C:\Users\J\Desktop\cfg.zip

2015-02-02 14:39 - 2015-02-02 14:39 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\J\AppData\Roaming\Mozilla

2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\J\AppData\Local\Mozilla

2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\ProgramData\Mozilla

2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-02-02 13:11 - 2015-02-02 13:11 - 00000054 _____ () C:\Users\J\Desktop\cs.txt

2015-02-02 08:12 - 2015-02-02 08:12 - 00025088 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\ssdevfactory.sys

2015-02-01 15:34 - 2015-02-01 16:03 - 336007419 _____ () C:\Users\J\Documents\funny mm.wmv

2015-02-01 15:12 - 2015-02-01 15:29 - 225023119 _____ () C:\Users\J\Documents\case opening.wmv

2015-02-01 15:07 - 2015-02-01 15:12 - 45965823 _____ () C:\Users\J\Documents\tradeup.wmv

2015-02-01 15:04 - 2015-02-01 15:04 - 00014392 _____ () C:\Users\J\Documents\tradeup.veg

2015-01-31 18:58 - 2015-02-03 16:18 - 00001055 _____ () C:\Users\J\Desktop\store.txt

2015-01-29 16:39 - 2015-02-01 15:05 - 00012192 _____ () C:\Users\J\Documents\case opening.veg

2015-01-29 16:39 - 2015-01-29 16:39 - 00011544 _____ () C:\Users\J\Documents\case opening.veg.bak

2015-01-27 17:42 - 2015-01-27 17:48 - 85885979 _____ () C:\Users\J\Documents\00000001.restored.wmv

2015-01-27 17:25 - 2015-01-27 17:29 - 83821979 _____ () C:\Users\J\Documents\swag.wmv

2015-01-25 18:03 - 2015-01-25 18:03 - 00000000 ____D () C:\Windows\pss

2015-01-25 16:52 - 2015-01-25 16:52 - 00007601 _____ () C:\Users\J\AppData\Local\Resmon.ResmonCfg

2015-01-20 15:18 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-01-20 15:18 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-01-20 15:18 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-01-20 15:18 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-01-20 15:18 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-01-20 15:18 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-01-20 15:18 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-01-20 15:18 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-01-18 22:09 - 2015-01-18 17:45 - 26775758 _____ () C:\Users\J\Desktop\ponchonacho_d2_63000_nova ace.dem

2015-01-18 15:23 - 2015-01-18 15:23 - 00000000 ____D () C:\Users\J\AppData\Roaming\Sony Creative Software Inc

2015-01-16 22:41 - 2015-01-16 22:41 - 00000000 ____D () C:\ProgramData\Celavimus

2015-01-16 22:40 - 2015-01-16 22:40 - 00001197 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk

2015-01-16 22:40 - 2015-01-16 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client

2015-01-16 22:40 - 2015-01-16 22:40 - 00000000 ____D () C:\Program Files (x86)\CEVO

2015-01-13 16:15 - 2015-01-13 16:15 - 603489897 _____ () C:\Windows\MEMORY.DMP

2015-01-13 16:13 - 2015-01-13 16:13 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf

2015-01-13 16:13 - 2015-01-13 16:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ssdevfactory_01011.Wdf

2015-01-13 16:13 - 2015-01-13 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries

2015-01-13 16:13 - 2012-07-25 21:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2015-01-13 16:13 - 2012-07-25 21:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2015-01-13 16:13 - 2012-07-25 19:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2015-01-13 16:13 - 2012-06-02 07:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2015-01-13 16:12 - 2015-01-13 16:12 - 00000000 ____D () C:\Users\ADMINI~1

2015-01-12 18:44 - 2015-01-12 18:57 - 181054681 _____ () C:\Users\J\Desktop\mm.wmv

2015-01-11 21:41 - 2015-01-11 21:41 - 00000000 ____D () C:\Users\J\AppData\Roaming\InstallShield

2015-01-11 21:41 - 2015-01-11 21:41 - 00000000 ____D () C:\ProgramData\InstallShield

2015-01-11 21:41 - 2015-01-11 21:41 - 00000000 ____D () C:\ProgramData\Brother

2015-01-11 21:37 - 2015-01-13 16:12 - 00029486 _____ () C:\Windows\DPINST.LOG

2015-01-11 17:08 - 2015-01-11 17:08 - 00006028 _____ () C:\Windows\system32\--traceoff

2015-01-11 17:08 - 2015-01-11 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2015-01-11 17:08 - 2015-01-11 17:08 - 00000000 _____ () C:\Windows\system32\--debugoff

2015-01-11 17:07 - 2015-01-11 17:07 - 00000000 ____D () C:\ProgramData\Sony

2015-01-11 17:07 - 2015-01-11 17:07 - 00000000 ____D () C:\Program Files\Sony

2015-01-09 19:43 - 2015-02-04 19:41 - 00424078 _____ () C:\Windows\PFRO.log

2015-01-09 19:43 - 2015-02-04 19:41 - 00016493 _____ () C:\Windows\setupact.log

2015-01-09 19:43 - 2015-01-09 19:43 - 00000000 _____ () C:\Windows\setuperr.log

2015-01-09 17:09 - 2015-01-11 17:00 - 00000000 ____D () C:\Program Files (x86)\Sony

2015-01-09 17:04 - 2015-01-09 17:10 - 00002576 _____ () C:\Users\J\Documents\Vegas.htm

2015-01-09 17:00 - 2015-01-09 17:00 - 00000000 ____D () C:\Users\J\AppData\Roaming\Publish Providers

2015-01-09 16:55 - 2015-01-09 16:55 - 00000000 ____D () C:\Windows\system32\appmgmt

2015-01-09 16:49 - 2015-01-11 17:07 - 00000000 ____D () C:\Users\J\AppData\Local\Sony

2015-01-09 16:48 - 2015-01-11 17:26 - 00000000 ____D () C:\Users\J\AppData\Roaming\Sony

2015-01-09 16:32 - 2015-02-04 19:36 - 00000000 ____D () C:\Users\J\AppData\Roaming\uTorrent

2015-01-09 16:32 - 2015-01-09 16:32 - 00000000 ____D () C:\ProgramData\APN

2015-01-09 15:44 - 2015-01-09 15:44 - 00000000 ____D () C:\Windows\Minidump

2015-01-07 20:29 - 2015-01-07 20:29 - 00002764 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2015-01-07 20:29 - 2015-01-07 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-01-07 20:29 - 2015-01-07 20:29 - 00000000 ____D () C:\Program Files\CCleaner

2015-01-07 16:37 - 2015-01-24 11:57 - 00000000 ____D () C:\Users\J\AppData\Roaming\OBS

2015-01-07 16:37 - 2015-01-24 11:53 - 00000000 ____D () C:\Program Files (x86)\OBS

2015-01-07 16:37 - 2015-01-07 16:37 - 00000935 _____ () C:\Users\J\Desktop\Open Broadcaster Software.lnk

2015-01-07 16:37 - 2015-01-07 16:37 - 00000000 ____D () C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software

2015-01-07 16:37 - 2015-01-07 16:37 - 00000000 ____D () C:\Program Files\OBS

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 21:18 - 2014-12-28 13:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-04 21:18 - 2014-12-28 13:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-04 20:23 - 2014-12-28 13:08 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-02-04 19:48 - 2009-07-13 21:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-04 19:48 - 2009-07-13 21:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-04 19:47 - 2009-07-13 22:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-04 19:44 - 2014-12-28 12:45 - 01990642 _____ () C:\Windows\WindowsUpdate.log

2015-02-04 19:41 - 2014-12-28 13:14 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-02-04 19:41 - 2014-12-28 13:03 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-02-04 19:41 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-04 18:32 - 2014-12-28 13:17 - 00000000 ____D () C:\Users\J\AppData\Roaming\Skype

2015-02-04 17:21 - 2014-12-28 15:54 - 00000000 ____D () C:\Users\J\AppData\Roaming\TS3Client

2015-02-04 16:23 - 2015-01-04 18:58 - 00000000 ____D () C:\Users\J\AppData\Roaming\.minecraft

2015-02-03 21:13 - 2014-12-28 13:01 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-02-03 21:13 - 2014-12-28 13:01 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-02-03 18:18 - 2014-12-28 13:32 - 00000000 ____D () C:\Users\J\Documents\ShareX

2015-02-03 15:20 - 2014-12-28 13:23 - 00000000 ____D () C:\Users\J\AppData\Local\SteelSeries Engine 3 Client

2015-02-03 15:16 - 2014-12-28 13:04 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2015-02-02 17:08 - 2015-01-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Minecraft

2015-02-01 09:49 - 2014-12-28 13:39 - 00000000 ____D () C:\Users\J\AppData\Roaming\Spotify

2015-01-27 15:15 - 2014-12-28 16:50 - 00000000 ____D () C:\Users\J\AppData\Local\Spotify

2015-01-24 13:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache

2015-01-20 18:40 - 2014-12-28 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX

2015-01-20 18:40 - 2014-12-28 13:31 - 00000000 ____D () C:\Program Files\ShareX

2015-01-16 22:40 - 2014-12-30 09:23 - 00000000 ____D () C:\ProgramData\Package Cache

2015-01-15 23:41 - 2014-12-28 13:07 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2015-01-15 23:41 - 2014-12-28 13:07 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2015-01-15 23:41 - 2014-12-28 13:07 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2015-01-15 23:41 - 2014-12-28 13:07 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2015-01-12 15:16 - 2014-12-28 12:44 - 00000000 ____D () C:\Users\J

2015-01-09 17:00 - 2015-01-04 18:59 - 00000000 ____D () C:\Users\J\AppData\Roaming\NVIDIA

2015-01-07 20:29 - 2014-12-28 13:39 - 00000000 ____D () C:\Windows\Panther

2015-01-07 17:45 - 2014-12-30 19:30 - 00000000 ____D () C:\Users\J\AppData\Roaming\Mumble

2015-01-06 15:35 - 2014-12-30 09:23 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys

==================== Files in the root of some directories =======

2015-01-25 16:52 - 2015-01-25 16:52 - 0007601 _____ () C:\Users\J\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:

====================

C:\Users\J\AppData\Local\Temp\ShareX-9.6.0-setup.exe

C:\Users\J\AppData\Local\Temp\ShareX-9.6.1-setup.exe

C:\Users\J\AppData\Local\Temp\utt9B10.tmp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-24 12:58

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01

Ran by J at 2015-02-04 21:33:48

Running from C:\Users\J\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)

Google Chrome (HKLM-x32\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)

Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)

NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)

NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)

ShareX 9.6.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.6.1 - ShareX Developers)

SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)

Spotify (HKU\S-1-5-21-1053089240-525954451-3889578908-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

SteelSeries Engine 3.3.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.3 - SteelSeries ApS)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

27-12-2014 21:05:54 Removed Samsung Data Migration

27-12-2014 21:08:49 Installed Samsung Data Migration

27-12-2014 21:13:06 Installed Samsung Data Migration

27-12-2014 21:17:58 Installed Acronis Migrate Easy

03-02-2015 15:20:05 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {5ED88605-5684-4C07-A48C-B94E2407058D} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-29] ()

Task: {85FB9960-B26F-42D2-A20A-A89ACD3CC9B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)

Task: {AFE9E5C3-2A0A-457E-995B-C10264BC757C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

Task: {EA1F9952-58E2-4057-969A-835946EF88BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)

Task: {FF78DA04-A77E-4308-9288-FDD332D72D9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-28 13:13 - 2014-12-13 01:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2009-03-29 23:32 - 2009-03-29 23:32 - 00032768 ____R () C:\Windows\DAODx.exe

2014-09-18 00:23 - 2014-09-18 00:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2014-10-14 11:51 - 2014-10-14 11:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2014-09-18 00:23 - 2014-09-18 00:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2014-10-14 11:51 - 2014-10-14 11:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2015-02-02 09:48 - 2015-02-02 09:48 - 17833984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

2015-01-03 10:28 - 2015-01-03 10:28 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll

2014-12-28 13:07 - 2015-01-15 23:42 - 00715080 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll

2014-12-28 13:07 - 2015-01-15 23:42 - 00854344 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll

2014-12-28 13:09 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2014-12-28 13:09 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2014-12-28 13:09 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2014-12-28 13:09 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2014-12-28 13:09 - 2014-11-11 11:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2014-12-28 13:22 - 2014-12-01 17:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll

2014-12-28 13:13 - 2014-12-01 17:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2014-12-28 13:13 - 2014-12-01 17:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2014-12-28 13:09 - 2015-01-23 15:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll

2014-12-28 13:09 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2014-12-28 13:09 - 2015-01-23 15:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-02-03 16:15 - 2015-01-26 20:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll

2015-02-03 16:15 - 2015-01-26 20:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll

2015-02-03 16:15 - 2015-01-26 20:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll

2014-12-28 13:09 - 2015-01-15 16:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2014-12-28 13:09 - 2015-01-15 16:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1053089240-525954451-3889578908-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\J\AppData\Local\GNE\DualWallpaper\DualWallpaper.bmp

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^J^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home.lnk => C:\Windows\pss\Folding@home.lnk.Startup

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Spotify => "C:\Users\J\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1053089240-525954451-3889578908-500 - Administrator - Disabled)

Guest (S-1-5-21-1053089240-525954451-3889578908-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1053089240-525954451-3889578908-1002 - Limited - Enabled)

J (S-1-5-21-1053089240-525954451-3889578908-1000 - Administrator - Enabled) => C:\Users\J

==================== Faulty Device Manager Devices =============

Name: Network Controller

Description: Network Controller

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller

Description: Universal Serial Bus (USB) Controller

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller

Description: Universal Serial Bus (USB) Controller

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (02/04/2015 07:43:10 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:36:43 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point (Process = C:\Program Files\AVAST Software\Avast\Setup\Instup.exe Files\AVAST Software\Avast\Setup\Instup.exe" /control_panel /instop:uninstall; Description = avast! antivirus system restore point; Error = 0x8007043c).

Error: (02/04/2015 07:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:07:20 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:55:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:02:13 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Steam.exe, version: 2.59.12.64, time stamp: 0x54c2c1a7

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x56ff8b90

Faulting process id: 0x6c0

Faulting application start time: 0xSteam.exe0

Faulting application path: Steam.exe1

Faulting module path: Steam.exe2

Report Id: Steam.exe3

Error: (02/04/2015 03:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:

=============

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort1.

Microsoft Office Sessions:

=========================

Error: (02/04/2015 07:43:10 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:36:43 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Program Files\AVAST Software\Avast\Setup\Instup.exe Files\AVAST Software\Avast\Setup\Instup.exe" /control_panel /instop:uninstallavast! antivirus system restore point0x8007043c

Error: (02/04/2015 07:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 07:07:20 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:55:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 06:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:02:13 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Steam.exe2.59.12.6454c2c1a7unknown0.0.0.000000000c000000556ff8b906c001d040c9af63352eC:\Program Files (x86)\Steam\Steam.exeunknown3c32631e-acca-11e4-bf2d-d850e6db3f54

Error: (02/04/2015 03:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: AMD FX-6300 Six-Core Processor

Percentage of memory in use: 36%

Total physical RAM: 8089.43 MB

Available physical RAM: 5108.26 MB

Total Pagefile: 16177.05 MB

Available Pagefile: 12385.93 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.66 GB) (Free:8.49 GB) NTFS

Drive d: () (Fixed) (Total:534.55 GB) (Free:445.81 GB) NTFS

Drive g: () (Removable) (Total:14.83 GB) (Free:8.99 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: 314E5FD4)

Partition: GPT Partition Type.

========================================================

Disk: 2 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Mbam-Check:

mbam-check result log version: 2.1.1.1001

========================================

User Account type: Administrator

OS: Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System

Current Version and Build: 6.1.7601.0

Malwarebytes Anti-Malware: 2.0.4.1028

Installed On: 2015/02/04

Malware Database: 2015.02.05.01

Rootkit Database: 2015.02.03.01

Remediation Database: 2014.12.06.01

IP Database: 0000.00.00.00

Domain Database: 0000.00.00.00

License: Premium

Malware Protection: 4 (The service is running.)

Malicious Website Protection: 4 (The service is running.)

Chameleon: 4 (The service is running.)

Log Created: 2015/02/04 21:35:42

Compatibility Flag Settings:

=================================

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:

=======================================================

--------------Driver File Info:--------------

C:\Windows\system32\drivers\mbam.sys

File Size: 25816 BYTES FileVersion: 0.1.15.0 MD5: [ca43f8904e24bbe49982e4c0b29e6579]

C:\Windows\system32\drivers\mwac.sys

File Size: 63704 BYTES FileVersion: 1.0.6.0 MD5: [a646c2ddb8c46e9b20a326faf566646c]

C:\Windows\system32\drivers\mbamswissarmy.sys

File Size: 129752 BYTES FileVersion: 0.2.13.0 MD5: [26c43960c99ee861a5d0edc4dcf3b1c3]

C:\Windows\system32\drivers\mbamchameleon.sys

File Size: 93400 BYTES FileVersion: 1.1.4.0 MD5: [478cc94c937d235cb0a96ab8f2359d81]

--------------MBAMProtector:--------------

Type: 2

State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

--------------MBAMService:--------------

Type: 16

State: 4 (The service is running.)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

--------------MBAMScheduler:--------------

Type: 16

State: 4 (The service is running.)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

--------------MBAMChameleon:--------------

Type: 2

State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

--------------MBAMWebAccessControl:--------------

Type: 2

State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

Required Dependencies:

======================

--------------BFE:--------------

Type: 32

State: 4 (The service is running.)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group REG_SZ NetworkProvider

ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName REG_SZ NT AUTHORITY\LocalService

ErrorControl REG_DWORD 1

Start REG_DWORD 2

Type REG_DWORD 32

DependOnService REG_MULTI_SZ RpcSs

ServiceSidType REG_DWORD 3

RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege

FailureActions REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop REG_DWORD 1

ServiceMain REG_SZ BfeServiceMain

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer

--------------fltmgr:--------------

Type: 2

State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE: 0

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded REG_DWORD 1

DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

Group REG_SZ FSFilter Infrastructure

ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

ErrorControl REG_DWORD 3

Start REG_DWORD 0

Tag REG_DWORD 1

Type REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0 REG_SZ Root\LEGACY_FLTMGR\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

C:\Windows\system32\drivers\fltmgr.sys

File Size: 289664 BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]

C:\Windows\SysWOW64\olepro32.dll

File Size: 90112 BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]

MBAM Registry Settings and License Info:

========================================

--------------Settings:--------------

Advanced:

AutomaticQuarantine: true

AutostartProtection: true

LimitedMode: false

LowPriorityScans: true

SelfProtection: true

StartSilentMode: false

StartupDelay: 0

ApplicationState:

First-Run-After-Installation: false

General:

DaysUntilNotifyExpiration: 5

Language: en

RightClickAccess: false

SilentErrors: false

Logging:

ExportLog: true

Notification:

ProtectionTray:

DisplayMilliseconds: 7000

ScanHistory:

Duration_Complete: 56823

Duration_Driver: 6874

Duration_Filesystem: 26

Duration_Heuristics: 178825

Duration_Loading: 0

Duration_MasterBootRecord: 371

Duration_Memory: 40000

Duration_PreScan: 11013

Duration_Registry: 9053

Duration_Sector: 0

Duration_Startup: 10393

ItemCount_Complete: 314594

ItemCount_Driver: 308

ItemCount_Filesystem: 31365

ItemCount_Heuristics: 10143

ItemCount_Loading: 0

ItemCount_MasterBootRecord: 3

ItemCount_Memory: 2797

ItemCount_PreScan: 11000

ItemCount_Registry: 567

ItemCount_Sector: 0

ItemCount_Startup: 1834

LastScanDateEpoch: 1422699621948

LastScanType: 1 (Threat Scan)

Update:

LastUpdate: 2015-02-05T04:33:19

NotifyInstallReady: true

NotifyOutdatedDatabase: 7

ProxyPassword:

ProxyPort: 0

ProxyServer:

ProxyUsername:

UseProxy: false

UseProxyAuthentication: false

--------------Account:--------------

Account Status: Premium

Expiration Time: 2035/01/07 20:33:04

Activation Time: 2015/01/07 20:33:04

Trial Used: false

--------------Access Policies:--------------

Scheduler Queue:

================

tasks:

1a62a6bd-2cd5-4dce-b895-cf684d322097:

parameters:

AutoDelete: false

CheckForUpdatesBeforeScanStart: true

ProcessLaunchedFromScheduler: true

ScanConfig:

ExitWhenQuarantineCompletes: false

ExportLog: true

FileSystemOption: true

Quarantine: Prompt

RebootSystemWhenMalwareDetected: false

ScanArchives: true

ScanExtra: true

ScanHeuristic: true

ScanMemoryObjects: true

ScanPUM: 2

ScanPUP: 2

ScanRegistry: true

ScanRootkits: false

ScanStartup: true

ScanTargets:

ScanType: 1 (Threat Scan)

Silent: true

StartTaskFromSystemAccount: false

TaskType: 0

triggers:

3a476c9c-3799-424e-889c-7140053e8176:

dateinterval: 1:0:0

lastscheduled: Wed, 04 Feb 2015 15:12:46.151620 -0700

lasttriggered: Wed, 04 Feb 2015 15:12:46.151620 -0700

nextscheduled: Thu, 05 Feb 2015 03:06:41 -0700

recovery: 23:00:00

start: Thu, 08 Jan 2015 03:13:05 -0700

timeinterval: 00:00:00

type: 4

uuid: 3a476c9c-3799-424e-889c-7140053e8176

type: scan

uuid: 1a62a6bd-2cd5-4dce-b895-cf684d322097

e77f54d1-7d1c-4b26-8ee3-8ae21b443175:

parameters:

NotifyWhenUpdateCompletes: true

ProcessLaunchedFromScheduler: true

TaskType: 3

triggers:

7d46fbad-031b-4b4b-a90a-03d39d5888e1:

dateinterval: 0:0:0

lastscheduled: Wed, 04 Feb 2015 21:01:57.706407 -0700

lasttriggered: Wed, 04 Feb 2015 19:09:45.711648 -0700

nextscheduled: Wed, 04 Feb 2015 22:01:57.706407 -0700

recovery: 00:00:00

start: Wed, 07 Jan 2015 21:01:57.706407 -0700

timeinterval: 01:00:00

type: 3

uuid: 7d46fbad-031b-4b4b-a90a-03d39d5888e1

type: update

uuid: e77f54d1-7d1c-4b26-8ee3-8ae21b443175

Pending File Rename Operations:

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

Pending File Rename Operations:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\

PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\J\AppData\Local\Temp\nslD173.tmp\p\syschk.dll

MBAMProtector Registry Values:

==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type REG_DWORD 2

Start REG_DWORD 3

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys

Group REG_SZ FSFilter Anti-Virus

DependOnService REG_MULTI_SZ FltMgr

WOW64 REG_DWORD 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude REG_SZ 328800

Flags REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters

PassThruFile REG_SZ mbampt.exe

ProductPath REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

MBAMService Registry Values:

============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type REG_DWORD 16

Start REG_DWORD 2

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

DependOnService REG_MULTI_SZ MBAMProtector

WOW64 REG_DWORD 1

ObjectName REG_SZ LocalSystem

Description REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart REG_DWORD 0

MBAMScheduler Registry Values:

==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type REG_DWORD 16

Start REG_DWORD 2

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

WOW64 REG_DWORD 1

ObjectName REG_SZ LocalSystem

Description REG_SZ Malwarebytes Anti-Malware scheduler

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

--------------TERMService:--------------

Type: 32

State: 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE: 1077

SERVICE_EXIT_CODE: 0

CHECKPOINT: 0

WAIT_HINT: 0

TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Override:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ *.local

LAN Settings:

=============

only 'Automatically detect settings' is selected

SystemPartition:

================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume1

Balloon Tips Status:

====================

Enabled

Time Format Settings:

=====================

Should be:

h:mm:ss tt

AM

PM

:

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

Language and Regional Settings:

===============================

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

====================================================

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

Context Menu Entries:

=====================

List of MBAM Related Directories:

=================================


Malware Exclusions:

===================

Category: Folder, Exclusion: C:\Users\J\Downloads\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]

Web Exclusions:

================

Category: IP, Exclusion: 94.242.198.146

Category: IP, Exclusion: 121.10.239.211

Category: IP, Exclusion: 217.23.187.202

Category: IP, Exclusion: 89.114.9.132

Category: IP, Exclusion: 202.105.176.135

Quarantined Items:

===================

Vendor: PUP.Optional.OpenCandy, Date: 2015/01/09 23:32:46, Type: File, Location: C:\Users\J\AppData\Local\Temp\utt6B34.tmp

===============================================================

END OF FILE

Edited by AdvancedSetup
removed code tags

  • Root Admin

I don't see any obvious signs of an infection but that doesn't mean it's not. What antivirus are you using?

The following indicates a possible hardware or driver issue that needs to be corrected for data integrity.
I doubt it will help or fix it but you could try doing a Full disk check and see if these entries in the Event Logs go away or not.

From an elevated admin command prompt you can type the following and then reboot to let it run:

CHKDSK C: /R


 

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (02/04/2015 09:13:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

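The check suggested in the reply above (do the atapi controller errors stop once the disk check has run?), as an added example that is not part of the original thread: it parses `Error: (...) (Source: ...) (EventID: ...)` entries in the text form posted here and splits the atapi Event ID 11 hits around a cutoff time. The sample log, the cutoff time and all function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Header line in the text form seen in this thread. The "(EventID: n)" field
# is optional because the MiniToolBox listing prints entries without it.
HEADER = re.compile(
    r"^Error: \((?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2} [AP]M)\) "
    r"\(Source: (?P<source>[^)]*)\)"
    r"(?: \(EventID: (?P<event_id>\d+)\))?"
    r" \(User: (?P<user>[^)]*)\)\s*$"
)
# Device path at the end of the atapi description, without the trailing period.
DEVICE = re.compile(r"on (\\Device\\\S+?)\.?$")

# Constructed sample input (not taken from the thread).
SAMPLE_LOG = r"""
Error: (03/01/2020 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (03/01/2020 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (03/01/2020 09:24:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (03/01/2020 09:30:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ExampleSvc service failed to start.

Error: (03/02/2020 08:10:15 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (03/02/2020 08:12:00 AM) (Source: WinMgmt) (User: )
Description: constructed entry without an EventID field
"""


def parse_events(text):
    """Return one dict per 'Error:' entry; a blank line ends an entry."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = {
                "time": datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p"),
                "source": m["source"],
                "event_id": int(m["event_id"]) if m["event_id"] else None,
                "description": "",
            }
            events.append(current)
        elif current is not None and line.startswith("Description:"):
            current["description"] = line[len("Description:"):].strip()
        elif not line:
            current = None
        elif current is not None and current["description"]:
            # Continuation of a multi-line description (e.g. SideBySide entries).
            current["description"] += " " + line
    return events


def device_of(event):
    """Device path named in the description, or None if there is none."""
    m = DEVICE.search(event["description"])
    return m.group(1) if m else None


def controller_errors(events):
    """Entries with Source atapi and Event ID 11 (controller error)."""
    return [e for e in events
            if e["source"].lower() == "atapi" and e["event_id"] == 11]


def summarize(events, checked_at):
    """Split controller errors around the time the disk check finished.

    'bursts' counts entries per (timestamp, device): several entries in the
    same second on one port are one failing I/O being retried, not many
    independent faults.
    """
    hits = controller_errors(events)
    before = [e for e in hits if e["time"] < checked_at]
    after = [e for e in hits if e["time"] >= checked_at]
    return {
        "before": len(before),
        "after": len(after),
        "bursts": Counter((e["time"], device_of(e)) for e in hits),
        "still_failing": bool(after),
    }


if __name__ == "__main__":
    # Assumed cutoff: the moment the boot-time disk check completed.
    result = summarize(parse_events(SAMPLE_LOG), datetime(2020, 3, 2, 7, 0, 0))
    print(result["before"], "before,", result["after"], "after")
    for (when, device), count in result["bursts"].items():
        print(when.isoformat(sep=" "), device, "x", count)
```

If `still_failing` is true after a clean disk check, the file system is not the cause and the port, cable or controller driver named in the description is the next thing to look at.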

Currently not using anything as that's another issue. I was using Avast!, but it literally kills my FPS in certain games. I am currently running a semi fresh install of W7 Ultimate, and honestly have no clue what could've caused this. It couldn't be a hardware issue with my new SSD, could it? Going to sleep now, will leave the CMD up. Thank you for the assistance.


Alright. I ran the chkdsk command. This is the log from Event Viewer:

 

chkdsk:

 

 

 
 
Checking file system on C:
The type of the file system is NTFS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
 
CHKDSK is verifying files (stage 1 of 5)...
  150528 file records processed.
File verification completed.
  321 large file records processed.
  0 bad file records processed.
  2 EA records processed.
  44 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 5)...
  193528 index entries processed.
Index verification completed.
  0 unindexed files scanned.
  0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 5)...
  150528 file SDs/SIDs processed.
Cleaning up 173 unused index entries from index $SII of file 0x9.
Cleaning up 173 unused index entries from index $SDH of file 0x9.
Cleaning up 173 unused security descriptors.
Security descriptor verification completed.
  21501 data files processed.
CHKDSK is verifying Usn Journal...
  37658232 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  150512 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  4512450 free clusters processed.
Free space verification is complete.
Windows has checked the file system and found no problems.
 
 117088255 KB total disk space.
  98693012 KB in 125271 files.
     84792 KB in 21502 indexes.
         0 KB in bad sectors.
    260647 KB in use by the system.
     65536 KB occupied by the log file.
  18049804 KB available on disk.
 
      4096 bytes in each allocation unit.
  29272063 total allocation units on disk.
   4512451 allocation units available on disk.
 
Internal Info:
00 4c 02 00 60 3d 02 00 e9 53 04 00 00 00 00 00  .L..`=...S......
53 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  S...,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
 
Is the next step to run those three log programs again?

  • Root Admin

Yes, reboot the computer again and either look in the Event Logs or run the following.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.


MiniToolBox:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by J (administrator) on 05-02-2015 at 07:36:36
Running from "C:\Users\J\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : longspeak
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D8-50-E6-DB-3F-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a57e:a35c:e218:f6b7%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.11(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 05, 2015 7:34:12 AM
   Lease Expires . . . . . . . . . . : Thursday, February 12, 2015 7:34:12 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 249057510
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-32-19-2E-D8-50-E6-DB-3F-54
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{E1E18236-0DB4-4AD5-B926-2162E11A2296}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:38f3:1cc2:f5ff:fff4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38f3:1cc2:f5ff:fff4%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:400f:803::200e
 216.58.217.46
 
 
Pinging google.com [216.58.217.46] with 32 bytes of data:
Reply from 216.58.217.46: bytes=32 time=14ms TTL=55
Reply from 216.58.217.46: bytes=32 time=18ms TTL=55
 
Ping statistics for 216.58.217.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 14ms, Maximum = 18ms, Average = 16ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=67ms TTL=49
Reply from 98.138.253.109: bytes=32 time=94ms TTL=49
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 67ms, Maximum = 94ms, Average = 80ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...d8 50 e6 db 3f 54 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.11     20
         10.0.0.0    255.255.255.0         On-link         10.0.0.11    276
        10.0.0.11  255.255.255.255         On-link         10.0.0.11    276
       10.0.0.255  255.255.255.255         On-link         10.0.0.11    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.11    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.11    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:38f3:1cc2:f5ff:fff4/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::38f3:1cc2:f5ff:fff4/128
                                    On-link
 11    276 fe80::a57e:a35c:e218:f6b7/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/05/2015 07:36:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 07:35:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/05/2015 07:35:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/04/2015 10:09:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 09:57:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:43:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:37:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:36:43 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\AVAST Software\Avast\Setup\Instup.exe Files\AVAST Software\Avast\Setup\Instup.exe" /control_panel /instop:uninstall; Description = avast! antivirus system restore point; Error = 0x8007043c).
 
Error: (02/04/2015 07:25:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:07:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (02/05/2015 07:34:57 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:57 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:57 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:57 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:57 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
 
Error: (02/05/2015 07:34:57 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
 
Error: (02/05/2015 07:34:47 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:47 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (02/05/2015 07:34:47 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801
 
Error: (02/05/2015 07:33:31 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
 
Microsoft Office Sessions:
=========================
Error: (02/05/2015 07:36:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 07:35:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$Recycle.Bin\S-1-5-21-1053089240-525954451-3889578908-1000\$RGW67O7.exe
 
Error: (02/05/2015 07:35:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\J\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/04/2015 10:09:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 09:57:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:43:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:37:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:36:43 PM) (Source: System Restore)(User: )
Description: C:\Program Files\AVAST Software\Avast\Setup\Instup.exe Files\AVAST Software\Avast\Setup\Instup.exe" /control_panel /instop:uninstallavast! antivirus system restore point0x8007043c
 
Error: (02/04/2015 07:25:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/04/2015 07:07:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
 
=========================== Installed Programs ============================
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Google Chrome (HKLM-x32\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Logitech Gaming Software (Version: 8.30.28 - Logitech Inc.) Hidden
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Control Panel 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.172.1357 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.2 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
ShareX 9.6.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.6.1 - ShareX Developers)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.3.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.3 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: Network Controller
Description: Network Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 30%
Total physical RAM: 8089.43 MB
Available physical RAM: 5645.7 MB
Total Pagefile: 16177.05 MB
Available Pagefile: 13166.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.66 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.66 GB) (Free:8.31 GB) NTFS
2 Drive d: () (Fixed) (Total:534.55 GB) (Free:445.81 GB) NTFS
4 Drive g: () (Removable) (Total:14.83 GB) (Free:8.99 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\LONGSPEAK
 
Administrator            Guest                    J                        
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
This topic is now closed to further replies.