Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Default Browser check keeps popping up, Windows Aero disabled


  • Please log in to reply
15 replies to this topic

#1 hk101

hk101

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 28 January 2014 - 09:46 PM

Hi, for about a month or so, my windows dwm isn't working (dwm service is on) and my computer keeps constantly getting infected with virusus/trojans and some pups. My browser also keeps asking me to be a default program. All of these viruses/trojans pop up under my appdata folder. I would like some assistance in deleting the infections. Thanks in advance!

 

Edit: I'm using Windows 7 64-bit.


Edited by hk101, 28 January 2014 - 09:50 PM.


BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 02 February 2014 - 11:14 PM

Hello hk101 and welcome to BleepingComputer.
:welcome:

Please download AdwCleaner by Xplode and save to your Desktop.
  • Run the program.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

In your next reply please include:
Adwcleaner log
JRT log
FSS log

Thank you.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 04 February 2014 - 08:48 PM

AdwCleaner Log:

 

# AdwCleaner v3.018 - Report created 04/02/2014 at 20:46:31
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Howard - HOWARD-PC
# Running from : C:\Users\Howard\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Splashtop
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Users\Howard\AppData\Local\Splashtop
File Deleted : C:\Users\Howard\AppData\Roaming\Mozilla\Firefox\Profiles\imbcpayj.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\Splashtop Inc.

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Howard\AppData\Roaming\Mozilla\Firefox\Profiles\imbcpayj.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.79dD9Klnc.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top[...]
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("extensions.F74.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement('script');script.type=[...]
Line Deleted : user_pref("extensions.Xk4BEjCz0.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};(function(){if(window.self==window.top&&!document.getElementById('shk85shssma'[...]
Line Deleted : user_pref("extensions.crossrider.bic", "143c21e90f5f0f91ef330b1656569b61");
Line Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\[...]
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Howard\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4849 octets] - [07/01/2014 00:05:11]
AdwCleaner[R1].txt - [3607 octets] - [04/02/2014 20:45:44]
AdwCleaner[S0].txt - [3546 octets] - [04/02/2014 20:46:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3606 octets] ##########
 



#4 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 04 February 2014 - 08:52 PM

JRT.txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Howard on Tue 02/04/2014 at 20:48:55.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\youtubeadblocker"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\imbcpayj.default\prefs.js

user_pref("extensions.F74.url", "hxxp://getjpiproxy.info/sync2/?q=hfZ9ofV9CShEAen0rjU9rGhTB6lKDzt4olljtNtVh7n0rjrFrjsGrdwHrHwFtMFHhd9FrHwFrTrErjk5rTaMDMlGojUMAe4Uojw6rjwGpjk6q
Emptied folder: C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\imbcpayj.default\minidumps [32 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/04/2014 at 20:51:54.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 04 February 2014 - 08:53 PM

FSS.txt

 

Farbar Service Scanner Version: 02-02-2014
Ran by Howard (administrator) on 04-02-2014 at 20:53:10
Running from "C:\Users\Howard\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#6 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 05 February 2014 - 07:57 AM

:step1: Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

 

==================================================

 

:step2:I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

==================================================

 

:step3: We need to download Temp File Cleaner (TFC) by OldTimer:

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process
    note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

================================================================

:step4:

Please download Minitoolbox and save to your desktop.

Close all programs, run minitoolbox and select these boxes:

  • Flush DNS
  • Report IE proxy settings
  • Reset IE proxy settings
  • Report FF proxy settings
  • Reset proxy settings
  • List Content of Hosts
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices (Only Problems)
  • List User, partitions and memory size.

Click GO and wait, please post the log here.

 

==================================

 

Also, what browser is asking to be default? What is your currently default browser?

 

What we need in your next reply:
MBAM log
ESET log

Amount of data TFC deleted. (It will appear when the cleanup finished.)

Minitoolbox log
How's your computer running?

Answer to my question.

 

Thank you.


Edited by Sirawit, 05 February 2014 - 07:58 AM.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#7 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 08 February 2014 - 12:15 AM

Both browsers IE and Firefox sometimes asks to be the default browser. My computer still has aero (dwm) issues. Starting/stopping the dwm service isn't working either. Sometimes viruses/trojans keep popping up in Malwarebytes since the aero/dwm issues started.

 

Malwarebytes Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.05.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Howard :: HOWARD-PC [administrator]

2/5/2014 11:41:16 PM
mbam-log-2014-02-05 (23-41-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254258
Time elapsed: 1 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\Higher Aurum (PUP.Optional.HigherAurum.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Howard\AppData\Local\Microsoft\Windows\WebCache\V01013A2.log (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Users\Howard\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

(end)


________________________________________

ESET Log:

I can't seem to find and export results to a file. I acutally see no results and no detected items.

_______________________________________

 

TFC Log:

 

 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: hedev
->Temp folder emptied: 0 bytes
 
User: Howard
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1686438 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36851356 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 876 bytes
 
User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 926 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
 
Emptying RecycleBin. Do not interrupt.
 
RecycleBin emptied: 0 bytes
Process complete!
 
Total Files Cleaned = 37.00 mb

_____________________________________
 

Minitoolbox Log:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Howard (administrator) on 08-02-2014 at 00:10:35
Running from "C:\Users\Howard\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost


========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2014 09:59:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 09:59:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 07:56:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2014 07:56:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/07/2014 07:56:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2014 09:57:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2014 00:08:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2014 00:08:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2014 00:08:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/05/2014 07:44:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/08/2014 00:08:21 AM) (Source: Service Control Manager) (User: )
Description: The UMVPFSrv service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/07/2014 09:42:36 PM) (Source: Service Control Manager) (User: )
Description: The Emsisoft Anti-Malware 8.0 - Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/07/2014 07:54:58 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (02/07/2014 07:54:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/06/2014 09:55:26 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (02/06/2014 09:55:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/05/2014 07:44:02 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (02/05/2014 07:44:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-01-24 22:37:44.592
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-24 22:37:44.577
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-24 22:37:44.545
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-24 22:37:44.530
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-12-21 23:12:42.522
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-12-21 23:12:42.507
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-12-21 23:12:42.491
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-12-21 23:12:42.460
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-26 23:56:20.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-26 23:56:20.654
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Age of Empires II: HD Edition
Age of Mythology
AMD Accelerated Video Transcoding (Version: 13.30.100.40131)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Control Center (Version: 2014.0131.1535.27922)
AMD Catalyst Install Manager (Version: 8.0.916.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.81129.1203)
AMD Wireless Display v3.0 (Version: 1.0.0.14)
AMD Wireless Display v3.0 (Version: 1.0.0.15)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Battlefield 4™ (Version: 1.1.0.0)
Battlelog Web Plugins (Version: 2.3.2)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2014.0131.1535.27922)
Catalyst Control Center InstallProxy (Version: 2014.0131.1535.27922)
Catalyst Control Center Localization All (Version: 2014.0131.1535.27922)
CCC Help Chinese Standard (Version: 2014.0131.1534.27922)
CCC Help Chinese Traditional (Version: 2014.0131.1534.27922)
CCC Help Czech (Version: 2014.0131.1534.27922)
CCC Help Danish (Version: 2014.0131.1534.27922)
CCC Help Dutch (Version: 2014.0131.1534.27922)
CCC Help English (Version: 2014.0131.1534.27922)
CCC Help Finnish (Version: 2014.0131.1534.27922)
CCC Help French (Version: 2014.0131.1534.27922)
CCC Help German (Version: 2014.0131.1534.27922)
CCC Help Greek (Version: 2014.0131.1534.27922)
CCC Help Hungarian (Version: 2014.0131.1534.27922)
CCC Help Italian (Version: 2014.0131.1534.27922)
CCC Help Japanese (Version: 2014.0131.1534.27922)
CCC Help Korean (Version: 2014.0131.1534.27922)
CCC Help Norwegian (Version: 2014.0131.1534.27922)
CCC Help Polish (Version: 2014.0131.1534.27922)
CCC Help Portuguese (Version: 2014.0131.1534.27922)
CCC Help Russian (Version: 2014.0131.1534.27922)
CCC Help Spanish (Version: 2014.0131.1534.27922)
CCC Help Swedish (Version: 2014.0131.1534.27922)
CCC Help Thai (Version: 2014.0131.1534.27922)
CCC Help Turkish (Version: 2014.0131.1534.27922)
ccc-utility64 (Version: 2014.0131.1535.27922)
Cities XL Platinum
Core Temp 1.0 RC5 (Version: 1.0)
Curse Client (Version: 5.1.1.792)
DC Universe Online (Version: 1.0.3.183)
DC Universe Online Live
Diablo III (Version: 1.0.8.16603)
Dota 2
Dropbox (Version: 2.0.26)
Emsisoft Anti-Malware (Version: 8.1)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
Far Cry 2 Fortune's Edition (Version: 2.0.0.8)
Google Chrome (Version: 32.0.1700.107)
Google Talk Plugin (Version: 4.9.1.16010)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
Higher Aurum 2013.11.07.204308 (Version: 2013.11.07.204308)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HydraVision (Version: 4.2.252.0)
iCloud (Version: 3.0.2.163)
iFunbox (v2.6.2375.747), iFunbox DevTeam (Version: v2.6.2375.747)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
League of Legends (Version: 3.0.0)
Left 4 Dead 2
LogMeIn Hamachi (Version: 2.1.0.374)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Notepad++ (Version: 6.5.3)
Open Broadcaster Software
Origin (Version: 9.3.2.2730)
Path of Exile
PlanetSide 2 (Version: 1.0.3.183)
Project 64 version 2.0.0.14 (Version: 2.0.0.14)
Project64 1.6 (Version: 1.6)
PunkBuster Services (Version: 0.993)
Realtek Ethernet Controller Driver (Version: 7.67.1226.2012)
RIFT
RIFT™
RollerCoaster Tycoon 3 Platinum
RollerCoaster Tycoon 3 Platinum (Version: 1.00.000)
Skype™ 5.10 (Version: 5.10.116)
Smite (Version: 0.1.1706.0)
Spiral Knights
Splashtop Streamer (Version: 2.4.0.1)
Starbound
StarCraft II (Version: 2.0.10.26585)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 6.0.3.0)
TERA (Version: 1.6)
TP-LINK TL-WN725N_WN723N Driver (Version: 1.3.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.8 (Version: 2.0.8)
WinRAR 5.00 beta 7 (64-bit) (Version: 5.00.7)

========================= Devices: ================================

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 8136.59 MB
Available physical RAM: 5779.95 MB
Total Pagefile: 16271.35 MB
Available Pagefile: 13847.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.99 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:18.99 GB) NTFS
3 Drive e: (Data Drive) (Fixed) (Total:1863.01 GB) (Free:1643.65 GB) NTFS

========================= Users: ========================================

User accounts for \\HOWARD-PC

Administrator            Guest                    Howard                   


**** End of log ****
 



#8 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 08 February 2014 - 04:43 AM

ESET does not produce log if it not found infections. :)
 
If you want IE or firefox to stop asking to be default browser, check these links: IE Firefox
 
:step1:
Please run Microsoft Fixit from here : http://support.microsoft.com/mats/aero_effects_not_working/en-us
 
Follow the prompt and tell me what it tell after fix.
 
:step2:
Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
 
Thank you.

Edited by Sirawit, 08 February 2014 - 04:43 AM.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#9 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 08 February 2014 - 01:55 PM

Microsoft Fixit:

Mirror drivers don't support Aero effects.

 

Tweaking.com Log:

 

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: HOWARD-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Howard
Current Profile SID: S-1-5-21-1536115734-1969270634-2887730929-1000
Current Profile Classes: S-1-5-21-1536115734-1969270634-2887730929-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Howard\AppData\Local
--------------------------------------------------------------------------------

Starting Repairs...
   Start (2/8/2014 1:46:31 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (2/8/2014 1:46:31 PM)
   Running Repair Under Current User Account
   Done (2/8/2014 1:46:37 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (2/8/2014 1:46:37 PM)
   Running Repair Under System Account
   Done (2/8/2014 1:47:14 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (2/8/2014 1:47:14 PM)
   Running Repair Under System Account
   Done (2/8/2014 1:47:33 PM)

03 - Register System Files
   Start (2/8/2014 1:47:33 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:47:44 PM)

04 - Repair WMI
   Start (2/8/2014 1:47:44 PM)
   Running Repair Under Current User Account
   Done (2/8/2014 1:49:07 PM)

05 - Repair Windows Firewall
   Start (2/8/2014 1:49:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:49:24 PM)

06 - Repair Internet Explorer
   Start (2/8/2014 1:49:24 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:49:35 PM)

07 - Repair MDAC/MS Jet
   Start (2/8/2014 1:49:35 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:49:40 PM)

08 - Repair Hosts File
   Start (2/8/2014 1:49:40 PM)
   Running Repair Under System Account
   Done (2/8/2014 1:49:43 PM)

09 - Remove Policies Set By Infections
   Start (2/8/2014 1:49:43 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:49:47 PM)

11 - Repair Icons
   Start (2/8/2014 1:49:47 PM)
   Running Repair Under System Account
   Done (2/8/2014 1:49:50 PM)

12 - Repair Winsock & DNS Cache
   Start (2/8/2014 1:49:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:03 PM)

14 - Repair Proxy Settings
   Start (2/8/2014 1:50:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:08 PM)

16 - Repair Windows Updates
   Start (2/8/2014 1:50:08 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:21 PM)

17 - Repair CD/DVD Missing/Not Working
   Start (2/8/2014 1:50:21 PM)
   iTunes was found, adding UpperFilters for iTunes Reg Key
   UpperFilters added?: True
   Done (2/8/2014 1:50:21 PM)

18 - Repair Volume Shadow Copy Service
   Start (2/8/2014 1:50:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:27 PM)

20 - Repair MSI (Windows Installer)
   Start (2/8/2014 1:50:28 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:36 PM)

22.01 - Repair bat Association
   Start (2/8/2014 1:50:37 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:41 PM)

22.02 - Repair cmd Association
   Start (2/8/2014 1:50:41 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:46 PM)

22.03 - Repair com Association
   Start (2/8/2014 1:50:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:51 PM)

22.04 - Repair Directory Association
   Start (2/8/2014 1:50:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:50:56 PM)

22.05 - Repair Drive Association
   Start (2/8/2014 1:50:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:00 PM)

22.06 - Repair exe Association
   Start (2/8/2014 1:51:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:05 PM)

22.07 - Repair Folder Association
   Start (2/8/2014 1:51:05 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:10 PM)

22.08 - Repair inf Association
   Start (2/8/2014 1:51:10 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:15 PM)

22.09 - Repair lnk (Shortcuts) Association
   Start (2/8/2014 1:51:15 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:19 PM)

22.10 - Repair msc Association
   Start (2/8/2014 1:51:19 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:24 PM)

22.11 - Repair reg Association
   Start (2/8/2014 1:51:24 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:29 PM)

22.12 - Repair scr Association
   Start (2/8/2014 1:51:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:34 PM)

23 - Repair Windows Safe Mode
   Start (2/8/2014 1:51:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:38 PM)

24 - Repair Print Spooler
   Start (2/8/2014 1:51:38 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:51 PM)

25 - Restore Important Windows Services
   Start (2/8/2014 1:51:52 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:51:56 PM)

26 - Set Windows Services To Default Startup
   Start (2/8/2014 1:51:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2/8/2014 1:52:03 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

Cleaning up empty logs...

All Selected Repairs Done.
   Done (2/8/2014 1:52:03 PM)
   Total Repair Time: 00:05:32


...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 



#10 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 09 February 2014 - 09:23 AM

How To Publish a Snapshot using Speccy

 

Guide Overview

The purpose of this guide is to teach you how to post your computer's specifications to the forum with minimal effort on your part. This is often helpful when troubleshooting problems, and the person helping you needs to see the details of your computer's hardware.

Tools Needed

  • Speccy - First, you will need a program called Speccy. From Piriform's website: "Speccy is an advanced system information tool for your PC." This is a very useful utility that every PC user should have in their arsenal.

 

Instructions

  • Go to Piriform's website, and click the big download.png button.

    Next, click Download from Piriform (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.

    You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.
  • After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
  • Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
    JmYsp.png

    Now, in the menu bar at the top left, click File > Publish Snapshot

    You will see the following prompt:
    publish.png

    Click Yes > then Copy to Clipboard

    copydi.png

    Now, once you are back in the forum topic you are posting in, click the replyji.png button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#11 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 09 February 2014 - 03:14 PM

http://speccy.piriform.com/results/RRNCUCamHjSNKxTdLK3QmSE

 


Edited by Elise, 11 February 2014 - 03:01 AM.
log removed for security reasons


#12 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 10 February 2014 - 01:39 AM

Please download new graphics driver from here.

Install it and restart the machine, check if your Aero effects comes back or not.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#13 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 10 February 2014 - 07:07 PM

I installed it, still have Aero problems.



#14 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:53 AM

Posted 11 February 2014 - 04:28 AM

Can you uninstall Logmein Hamachi, restart your machine and see that the problem fixed? This program sometimes is a culprit of incompatible.

(Mirror Driver don't support aero effects.)

 

EDIT: See here : http://answers.microsoft.com/en-us/windows/forum/windows_7-desktop/mirror-drivers-dont-support-aero-effects/821bbafd-cfad-4ebe-95be-fd1e41454d09

 

Thank you.


Edited by Sirawit, 11 February 2014 - 04:29 AM.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#15 hk101

hk101
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:53 PM

Posted 12 February 2014 - 09:21 PM

Seems like Logmein is giving me issues. I uninstalled it and Aero is working fine. Looks like there aren't anymore problems. Thanks!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users