
"Name not available" program in mixer playing advertisement sounds


  • This topic is locked
23 replies to this topic

#1 Jalopes

Posted 13 February 2014 - 03:47 PM

Hey guys - just about an hour ago, I plugged my computer into my TV via HDMI cable, restarted, and suddenly was getting sounds, like TV commercials, playing while on the desktop. I looked at the sound mixer and determined it was coming from something called "Name not available", so I figured I had some malware issue. After looking it up, I found this site - evidently it's a pretty common problem, but I've also discerned that it isn't something I can just fix in a few minutes by myself. So here I am...

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Joseph at 15:37:22 on 2014-02-13
Microsoft Windows 8.1  6.3.9600.0.1252.1.1033.18.8075.5110 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\TEMP\mrt1AEA.tmp\stdrt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Windows\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ASUS\P4G\InsOnSrv.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
C:\Program Files\ASUS\P4G\InsOnWMI.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Users\Joseph\AppData\Roaming\Spotify\spotify.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Users\Joseph\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus13.msn.com
uDefault_Page_URL = hxxp://asus13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [Spotify] "C:\Users\Joseph\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_2DB0707BF60F636CCFF1ED8D4C17586C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\Users\Joseph\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Joseph\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-System: DisableCAD = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
TCP: NameServer = 128.175.13.16 128.175.13.17
TCP: Interfaces\{0B64B5C1-2AF8-43FC-A54B-720FBD82A845} : DHCPNameServer = 128.175.13.16 128.175.13.17
TCP: Interfaces\{0B64B5C1-2AF8-43FC-A54B-720FBD82A845}\65562796A7F6E602D494649443531303C4029324646302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0B64B5C1-2AF8-43FC-A54B-720FBD82A845}\86F6D656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2FF62897-F31A-408D-9A8E-A5DC8B26A741} : DHCPNameServer = 128.175.13.16 128.175.13.17
TCP: Interfaces\{61EA591C-7842-4F6B-9C08-AA4506650A06} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{61EA591C-7842-4F6B-9C08-AA4506650A06}\3414545313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{61EA591C-7842-4F6B-9C08-AA4506650A06}\65562796A7F6E602D494649443531303C4029324646302355636572756 : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\WINDOWS\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-7-15 677360]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-10 39768]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2013-12-10 32544]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2013-12-31 56336]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12;C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [2013-9-25 181152]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-6-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2013-6-28 312448]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-8-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-8-26 1157496]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-8-25 131544]
R2 Intel® Wireless Bluetooth® 4.0 Radio Management;Intel® Wireless Bluetooth® 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-9-18 157128]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-8-25 169432]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15125280]
R2 plctrl;plctrl;C:\Program Files\ASUS\P4G\PLCTRL.sys [2013-6-19 18232]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-12-25 390672]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2013-6-28 323584]
R3 AiCharger;ASUS Charger Driver;C:\WINDOWS\System32\drivers\AiCharger.sys [2012-4-18 17280]
R3 ATP;ASUS Input Device;C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-8 70928]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-6-28 179432]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-6-28 137928]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-8-22 224768]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\WINDOWS\System32\drivers\btmaux.sys [2013-7-22 140600]
R3 btmhsf;btmhsf;C:\WINDOWS\System32\drivers\btmhsf.sys [2013-10-15 1390904]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-11-4 20280]
R3 iBtFltCoex;iBtFltCoex;C:\WINDOWS\System32\drivers\iBtFltCoex.sys [2013-10-15 69088]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-8-22 26008]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2013-12-10 39200]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2013-8-25 315536]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-12-10 833752]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872]
R3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2013-8-22 87040]
S2 Adobe Licensing Console;Adobe Licensing Console;C:\Windows\SysWOW64\lnsecsl.exe [2014-2-5 905070]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\WINDOWS\System32\drivers\btath_flt.sys [2013-6-28 89800]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\WINDOWS\System32\drivers\btath_a2dp.sys [2013-6-28 347336]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\WINDOWS\System32\drivers\btath_avdt.sys [2013-6-28 116424]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\WINDOWS\System32\drivers\btath_lwflt.sys [2013-6-28 77464]
S3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2013-6-28 589000]
S3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;C:\WINDOWS\System32\drivers\CMUSBDAC.sys [2013-5-9 358400]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2014-2-13 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-8-22 39320]
S3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-12-10 449528]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 L6PODHDBEAN;Service - Line 6 POD HD;C:\WINDOWS\System32\drivers\L6PODHDBEAN64.sys [2013-7-11 772864]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 NETwNe64;@oem45.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew00.sys [2013-10-17 3344864]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-10 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-12-5 57176]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]
.
=============== Created Last 30 ================
.
2014-02-13 20:27:52 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2014-02-13 20:21:55 -------- d-----w- C:\WINDOWS\ERUNT
2014-02-13 20:08:23 -------- d-----w- C:\WINDOWS\pss
2014-02-13 19:46:47 -------- d-----w- C:\Users\Joseph\AppData\Local\CrashDumps
2014-02-13 19:30:50 -------- d-----w- C:\AdwCleaner
2014-02-13 19:14:52 -------- d-----w- C:\Users\Joseph\AppData\Roaming\Malwarebytes
2014-02-13 19:14:45 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2014-02-13 19:14:45 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-13 19:14:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 16:27:11 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{03F556FB-B6DF-4CED-9473-A1C2D442568F}\mpengine.dll
2014-02-13 16:18:50 4604416 ----a-w- C:\WINDOWS\System32\d2d1.dll
2014-02-13 16:17:48 835584 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2014-02-13 16:17:48 1113040 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2014-02-12 18:43:26 10315576 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-02-11 00:30:33 -------- d-----w- C:\Users\Joseph\AppData\Roaming\Racket
2014-02-11 00:28:37 -------- d-----w- C:\Program Files\Racket
2014-02-06 01:52:16 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2014-02-06 01:52:09 225280 ----a-w- C:\WINDOWS\SysWow64\rewire.dll
2014-02-06 01:52:09 -------- d-----w- C:\Program Files (x86)\VstPlugins
2014-02-06 01:52:03 1554944 ----a-w- C:\WINDOWS\SysWow64\vorbis.acm
2014-02-06 01:52:02 -------- d-----w- C:\Program Files (x86)\Outsim
2014-02-06 01:50:26 -------- d-----w- C:\Program Files (x86)\Image-Line
2014-02-06 01:49:34 905070 ----a-w- C:\WINDOWS\SysWow64\lnsecsl.exe
2014-01-30 02:36:23 -------- d-----w- C:\Users\Joseph\AppData\Roaming\foobar2000
2014-01-30 02:36:22 -------- d-----w- C:\Program Files (x86)\foobar2000
2014-01-23 19:01:03 965000 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F946D4C0-8C4B-4E2F-BFBF-F773B01B9181}\gapaengine.dll
2014-01-23 01:08:23 -------- d-----w- C:\Program Files\VideoLAN
2014-01-19 05:55:38 -------- d-----w- C:\Program Files (x86)\Multimedia Fusion Developer 2
2014-01-19 05:29:00 -------- d-----w- C:\Users\Joseph\AppData\Roaming\Clickteam
2014-01-16 21:23:20 -------- d-----w- C:\Program Files (x86)\JDownloader
.
==================== Find3M  ====================
.
2014-02-13 20:21:11 74 ----a-w- C:\Users\Joseph\AppData\Roaming\sp_data.sys
2014-02-13 16:17:30 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2014-02-06 11:30:46 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\WINDOWS\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\WINDOWS\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\WINDOWS\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\WINDOWS\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\WINDOWS\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\WINDOWS\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-01-30 20:47:26 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-01-30 20:47:26 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-01-19 07:38:24 270496 ------w- C:\WINDOWS\System32\MpSigStub.exe
2014-01-09 08:25:10 2804224 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2014-01-09 07:59:06 115712 ----a-w- C:\WINDOWS\System32\winbici.dll
2014-01-09 07:59:02 1020928 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2014-01-09 07:49:48 919040 ----a-w- C:\WINDOWS\System32\MrmCoreR.dll
2014-01-09 07:44:45 720384 ----a-w- C:\WINDOWS\System32\SkyDriveTelemetry.dll
2014-01-09 07:43:12 121344 ----a-w- C:\WINDOWS\System32\SkyDriveShell.dll
2014-01-09 07:29:28 105984 ----a-w- C:\WINDOWS\SysWow64\SkyDriveShell.dll
2014-01-09 07:28:45 628736 ----a-w- C:\WINDOWS\SysWow64\MrmCoreR.dll
2014-01-09 07:28:44 4217344 ----a-w- C:\WINDOWS\System32\SyncEngine.dll
2014-01-09 07:18:50 870912 ----a-w- C:\WINDOWS\System32\SkyDrive.exe
2014-01-07 07:03:30 18944 ----a-w- C:\WINDOWS\System32\pcaui.exe
2014-01-07 05:59:03 17408 ----a-w- C:\WINDOWS\SysWow64\pcaui.exe
2014-01-07 05:00:20 2397184 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2014-01-07 04:30:31 2071552 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2014-01-04 20:50:05 1462216 ----a-w- C:\WINDOWS\System32\propsys.dll
2014-01-04 19:22:49 1202888 ----a-w- C:\WINDOWS\SysWow64\propsys.dll
2014-01-04 14:52:01 2414592 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2014-01-04 14:30:03 13209088 ----a-w- C:\WINDOWS\System32\twinui.dll
2014-01-04 14:23:19 11702272 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2014-01-04 13:42:04 1105408 ----a-w- C:\WINDOWS\System32\SearchFolder.dll
2014-01-04 13:40:27 7416832 ----a-w- C:\WINDOWS\System32\Windows.UI.Search.dll
2014-01-04 13:36:27 830976 ----a-w- C:\WINDOWS\SysWow64\SearchFolder.dll
2014-01-04 13:28:24 4961792 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
2013-12-09 02:57:19 548864 ----a-w- C:\WINDOWS\System32\vbscript.dll
2013-12-09 01:51:12 454656 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2013-12-09 00:27:24 2152448 ----a-w- C:\WINDOWS\System32\msxml3.dll
2013-12-09 00:19:46 570880 ----a-w- C:\WINDOWS\System32\msdrm.dll
2013-12-09 00:15:28 787968 ----a-w- C:\WINDOWS\System32\uDWM.dll
2013-12-08 23:55:50 444928 ----a-w- C:\WINDOWS\SysWow64\msdrm.dll
2013-12-08 23:54:19 1317376 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2013-12-05 10:54:31 1341288 ----a-w- C:\WINDOWS\System32\gdi32.dll
2013-12-05 10:54:31 1067008 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2013-12-05 10:54:04 872840 ----a-w- C:\WINDOWS\System32\mfplat.dll
2013-12-05 10:54:04 698232 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2013-12-05 10:53:57 977408 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
2013-12-05 10:53:57 294400 ----a-w- C:\WINDOWS\System32\Windows.Devices.Sensors.dll
2013-12-05 10:53:57 225792 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
2013-12-05 10:53:57 1286552 ----a-w- C:\WINDOWS\System32\msctf.dll
2013-12-05 10:53:57 1217024 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll
2013-12-05 10:53:57 1018960 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2013-12-05 10:53:40 18577408 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-12-05 10:53:40 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-12-05 10:53:19 869888 ----a-w- C:\WINDOWS\SysWow64\twinui.appcore.dll
2013-12-05 10:53:19 1085952 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll
2013-12-05 10:51:32 828416 ----a-w- C:\WINDOWS\System32\BFE.DLL
2013-12-05 10:51:32 136536 ----a-w- C:\WINDOWS\System32\drivers\wfplwfs.sys
2013-12-05 10:51:32 1104384 ----a-w- C:\WINDOWS\System32\IKEEXT.DLL
2013-12-05 10:51:28 1943536 ----a-w- C:\WINDOWS\System32\crypt32.dll
2013-12-05 10:51:28 1581968 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2013-12-05 10:49:32 155480 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys
2013-12-05 10:49:31 41472 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2013-11-27 15:36:30 3395920 ----a-w- C:\WINDOWS\System32\WSService.dll
2013-11-27 11:41:57 84480 ----a-w- C:\WINDOWS\System32\WSCollect.exe
2013-11-27 10:34:10 138240 ----a-w- C:\WINDOWS\System32\OEMLicense.dll
2013-11-27 09:54:03 103936 ----a-w- C:\WINDOWS\SysWow64\OEMLicense.dll
2013-11-27 08:48:43 249856 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-27 08:45:47 206336 ----a-w- C:\WINDOWS\System32\WSClient.dll
2013-11-27 08:40:50 189952 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-27 08:38:39 174592 ----a-w- C:\WINDOWS\SysWow64\WSClient.dll
2013-11-27 08:17:21 695808 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2013-11-27 08:12:11 848384 ----a-w- C:\WINDOWS\System32\WSShared.dll
2013-11-23 04:34:43 393216 ----a-w- C:\WINDOWS\System32\WMPhoto.dll
2013-11-23 04:13:51 348160 ----a-w- C:\WINDOWS\SysWow64\WMPhoto.dll
2013-11-21 05:44:50 3936256 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
.
============= FINISH: 15:37:34.66 ===============
 

 


 


#2 fireman4it


Posted 13 February 2014 - 04:12 PM

Hello Jalopes,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:

  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

 

 

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 Jalopes

Jalopes
  • Topic Starter

  • Members
  • 11 posts
  • Local time:03:08 PM

Posted 13 February 2014 - 04:28 PM

Here is the FRST.txt...
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Joseph (administrator) on JOEYLAPTOP on 13-02-2014 16:26:49
Running from C:\Users\Joseph\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(                                                                                                    ) C:\WINDOWS\TEMP\mrt1AEA.tmp\stdrt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Spotify Ltd) C:\Users\Joseph\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Spotify Ltd) C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Dropbox, Inc.) C:\Users\Joseph\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1064224 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUS InstantKey] - C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-06-04] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-28] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [Spotify] - C:\Users\Joseph\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [Spotify Web Helper] - C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [googletalk] - C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [GoogleChromeAutoLaunch_2DB0707BF60F636CCFF1ED8D4C17586C] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632 2014-02-01] (Google Inc.)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\Run: [Gyazo] - C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [Spotify] - C:\Users\Joseph\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [Spotify Web Helper] - C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [googletalk] - C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3289088 2007-11-20] (Google)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [GoogleChromeAutoLaunch_2DB0707BF60F636CCFF1ED8D4C17586C] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632 2014-02-01] (Google Inc.)
HKU\S-1-5-21-3179185097-1399537554-2468577210-1003\...\Run: [Gyazo] - C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Joseph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 128.175.13.16 128.175.13.17
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Docs Offline Background Page) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (YouTube) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Google Search) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (Speed Dial) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-12-06]
CHR Extension: (AdBlock) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-05]
CHR Extension: (Google Wallet) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Gmail) - C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]
 
==================== Services (Whitelisted) =================
 
S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [905070 2014-02-05] (                                                                                                    )
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-28] (Windows ® Win 7 DDK provider)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-15] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-28] (Atheros)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-11-08] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [358400 2013-05-09] (C-Media Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 L6PODHDBEAN; C:\Windows\System32\Drivers\L6PODHDBEAN64.sys [772864 2013-07-11] (Line 6)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344864 2013-09-23] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [18232 2013-06-19] (ASUSTek Computer Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 kbfiltr; \SystemRoot\System32\drivers\kbfiltr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-13 16:26 - 2014-02-13 16:27 - 00019356 _____ () C:\Users\Joseph\Desktop\FRST.txt
2014-02-13 16:26 - 2014-02-13 16:26 - 02152960 _____ (Farbar) C:\Users\Joseph\Desktop\FRST64.exe
2014-02-13 16:26 - 2014-02-13 16:26 - 00000000 ____D () C:\FRST
2014-02-13 15:37 - 2014-02-13 15:37 - 00029269 _____ () C:\Users\Joseph\Desktop\dds.txt
2014-02-13 15:37 - 2014-02-13 15:37 - 00013167 _____ () C:\Users\Joseph\Desktop\attach.txt
2014-02-13 15:33 - 2014-02-13 15:33 - 00688992 ____R (Swearware) C:\Users\Joseph\Desktop\dds.com
2014-02-13 15:27 - 2014-02-13 15:29 - 00016535 _____ () C:\Users\Joseph\Desktop\MBRCheck_02.13.14_15.27.39.txt
2014-02-13 15:27 - 2014-02-13 15:27 - 00080384 _____ () C:\Users\Joseph\Desktop\MBRCheck.exe
2014-02-13 15:27 - 2014-02-13 15:27 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-13 15:27 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-02-13 15:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-02-13 15:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-02-13 15:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-02-13 15:24 - 2014-02-13 15:24 - 00000623 _____ () C:\Users\Joseph\Desktop\JRT.txt
2014-02-13 15:21 - 2014-02-13 15:21 - 01037530 _____ (Thisisu) C:\Users\Joseph\Desktop\JRT.exe
2014-02-13 15:21 - 2014-02-13 15:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-13 15:08 - 2014-02-13 15:08 - 00000000 ____D () C:\WINDOWS\pss
2014-02-13 14:46 - 2014-02-13 15:20 - 00000000 ____D () C:\Users\Joseph\AppData\Local\CrashDumps
2014-02-13 14:30 - 2014-02-13 14:31 - 00000000 ____D () C:\AdwCleaner
2014-02-13 14:14 - 2014-02-13 14:14 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Malwarebytes
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 14:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-13 14:13 - 2014-02-13 14:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Joseph\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-13 14:11 - 2014-02-13 14:11 - 04102163 _____ () C:\Users\Joseph\Desktop\tdsskiller.zip
2014-02-13 14:11 - 2014-02-13 14:11 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Joseph\Desktop\tdsskiller.exe
2014-02-13 14:03 - 2014-02-13 16:26 - 00104027 _____ () C:\WINDOWS\SysWOW64\key.dat
2014-02-13 11:19 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 11:19 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 11:19 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 11:19 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 11:19 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 11:19 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 11:19 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 11:19 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 11:19 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 11:19 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 11:19 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 11:19 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 11:19 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 11:19 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 11:19 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 11:19 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 11:19 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 11:19 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 11:19 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 11:19 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 11:19 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 11:19 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 11:19 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 11:19 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 11:19 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 11:19 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 11:19 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 11:19 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 11:19 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 11:19 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 11:19 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 11:19 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 11:19 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 11:19 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 11:19 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 11:19 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 11:19 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 11:18 - 2014-01-09 03:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 11:18 - 2014-01-09 02:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 11:18 - 2014-01-09 02:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 11:18 - 2014-01-09 02:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 11:18 - 2014-01-09 02:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 11:18 - 2014-01-09 02:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 11:18 - 2014-01-09 02:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 11:18 - 2014-01-09 02:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 11:18 - 2014-01-09 02:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 11:18 - 2014-01-09 02:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 11:18 - 2014-01-07 02:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 11:18 - 2014-01-07 00:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 11:18 - 2014-01-07 00:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 11:18 - 2014-01-06 23:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 11:18 - 2014-01-04 15:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 11:18 - 2014-01-04 14:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 11:18 - 2014-01-04 09:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 11:18 - 2014-01-04 09:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 11:18 - 2014-01-04 08:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 11:18 - 2014-01-04 08:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 11:18 - 2014-01-04 08:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 11:18 - 2014-01-04 08:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 11:18 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 11:18 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 11:18 - 2013-12-08 21:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 11:18 - 2013-12-08 20:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 11:18 - 2013-12-08 19:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 11:18 - 2013-12-08 19:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 11:18 - 2013-12-08 18:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 11:18 - 2013-12-08 18:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 11:18 - 2013-11-21 01:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 11:18 - 2013-11-21 00:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 11:17 - 2013-12-20 05:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 11:17 - 2013-12-20 01:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 19:45 - 2014-02-12 19:45 - 00094806 _____ () C:\Users\Joseph\lab0.rkt
2014-02-12 19:45 - 2014-02-12 19:45 - 00001747 _____ () C:\Users\Joseph\welp.rkt
2014-02-12 19:40 - 2014-02-12 19:40 - 02978816 _____ () C:\Users\Joseph\Desktop\Week1b-Atomic-Data-Design-Recipe.ppt
2014-02-12 19:38 - 2014-02-12 19:38 - 05734681 _____ () C:\Users\Joseph\Desktop\Week1a-lecture.pptx
2014-02-12 18:37 - 2014-02-12 18:37 - 00087803 _____ () C:\Users\Joseph\Desktop\lab0.rkt
2014-02-12 10:12 - 2014-02-12 10:12 - 00000619 _____ () C:\Users\Joseph\Documents\thing.rkt
2014-02-11 22:38 - 2014-02-11 22:38 - 26492918 _____ () C:\Users\Joseph\Desktop\pairprogramming.mp4
2014-02-10 19:30 - 2014-02-12 19:48 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Racket
2014-02-10 19:28 - 2014-02-10 19:30 - 00000000 ____D () C:\Program Files\Racket
2014-02-10 19:26 - 2014-02-10 19:27 - 58128353 _____ (PLT Design Inc.) C:\Users\Joseph\Desktop\racket-5.93-x86_64-win32.exe
2014-02-09 02:09 - 2014-02-09 02:09 - 00000053 _____ () C:\Users\Joseph\Desktop\uh.mid
2014-02-09 01:47 - 2014-02-09 01:48 - 08629170 _____ () C:\Users\Joseph\Desktop\Night Explore.wav
2014-02-09 01:34 - 2014-02-09 01:56 - 01982866 _____ () C:\Users\Joseph\Desktop\Night Explore.ogg
2014-02-09 01:15 - 2014-02-09 01:16 - 02804033 _____ () C:\Users\Joseph\Desktop\Exploring.ogg
2014-02-08 01:04 - 2014-02-08 01:04 - 00000000 ____D () C:\Users\Joseph\Desktop\MO3
2014-02-08 01:00 - 2014-02-08 01:02 - 08822324 _____ () C:\Users\Joseph\Desktop\MO3.rar
2014-02-08 00:16 - 2014-02-08 00:31 - 03715902 _____ () C:\Users\Joseph\Desktop\Boss Fight 2.ogg
2014-02-07 19:49 - 2014-02-07 19:49 - 00000000 _____ () C:\WINDOWS\SysWOW64\x64.txt
2014-02-07 19:16 - 2014-02-07 19:46 - 01537485 _____ () C:\Users\Joseph\Desktop\Boss Fight.ogg
2014-02-05 20:52 - 2014-02-05 20:52 - 00001168 _____ () C:\Users\Public\Desktop\FL Studio 10.lnk
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\Documents\Image-Line
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\Outsim
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-02-05 20:52 - 2009-09-15 04:14 - 01554944 _____ (HMS http://hp.vector.co.jp/authors/VA012897/) C:\WINDOWS\SysWOW64\vorbis.acm
2014-02-05 20:52 - 2006-06-20 03:56 - 00225280 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\rewire.dll
2014-02-05 20:50 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-02-05 20:49 - 2014-02-05 20:49 - 00905070 _____ ( ) C:\WINDOWS\SysWOW64\lnsecsl.exe
2014-01-29 21:36 - 2014-02-09 17:56 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\foobar2000
2014-01-29 21:36 - 2014-01-29 21:36 - 00001049 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-01-29 21:36 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-01-26 17:03 - 2014-01-26 17:03 - 01302928 _____ () C:\WINDOWS\Minidump\012614-13609-01.dmp
2014-01-24 11:08 - 2014-01-24 11:08 - 01313528 _____ () C:\WINDOWS\Minidump\012414-25984-01.dmp
2014-01-22 20:08 - 2014-01-22 20:08 - 00000889 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-22 20:08 - 2014-01-22 20:08 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-19 00:55 - 2014-01-19 00:56 - 00000000 ____D () C:\Program Files (x86)\Multimedia Fusion Developer 2
2014-01-19 00:55 - 2014-01-19 00:55 - 00001148 _____ () C:\Users\Public\Desktop\Multimedia Fusion Developer 2.lnk
2014-01-19 00:29 - 2014-01-19 00:29 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Clickteam
2014-01-17 13:35 - 2014-01-17 13:35 - 00000000 ____D () C:\Users\Joseph\Desktop\Star Wars
2014-01-16 16:23 - 2014-01-16 23:59 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-16 16:23 - 2014-01-16 16:23 - 00002055 _____ () C:\Users\Joseph\Desktop\JDownloader.lnk
2014-01-16 15:41 - 2014-01-16 15:41 - 00007226 _____ () C:\Users\Joseph\Desktop\testthis.swf
2014-01-14 13:40 - 2013-12-08 19:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-14 13:40 - 2013-11-27 10:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-14 13:40 - 2013-11-27 06:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-14 13:40 - 2013-11-27 05:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-14 13:40 - 2013-11-27 04:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-14 13:40 - 2013-11-27 03:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 13:40 - 2013-11-27 03:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-14 13:40 - 2013-11-27 03:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 13:40 - 2013-11-27 03:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-14 13:40 - 2013-11-27 03:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-14 13:40 - 2013-11-27 03:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-14 01:33 - 2014-01-14 01:33 - 00014253 _____ () C:\Users\Joseph\Desktop\Walk downnnn.swf
 
==================== One Month Modified Files and Folders =======
 
2014-02-13 16:27 - 2014-02-13 16:26 - 00019356 _____ () C:\Users\Joseph\Desktop\FRST.txt
2014-02-13 16:26 - 2014-02-13 16:26 - 02152960 _____ (Farbar) C:\Users\Joseph\Desktop\FRST64.exe
2014-02-13 16:26 - 2014-02-13 16:26 - 00000000 ____D () C:\FRST
2014-02-13 16:26 - 2014-02-13 14:03 - 00104027 _____ () C:\WINDOWS\SysWOW64\key.dat
2014-02-13 16:25 - 2013-12-05 00:42 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Spotify
2014-02-13 16:25 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-13 15:52 - 2013-12-05 00:03 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3179185097-1399537554-2468577210-1003
2014-02-13 15:47 - 2013-12-05 02:57 - 01329901 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-13 15:46 - 2013-12-05 00:25 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-13 15:37 - 2014-02-13 15:37 - 00029269 _____ () C:\Users\Joseph\Desktop\dds.txt
2014-02-13 15:37 - 2014-02-13 15:37 - 00013167 _____ () C:\Users\Joseph\Desktop\attach.txt
2014-02-13 15:36 - 2013-12-05 12:33 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\ClassicShell
2014-02-13 15:33 - 2014-02-13 15:33 - 00688992 ____R (Swearware) C:\Users\Joseph\Desktop\dds.com
2014-02-13 15:29 - 2014-02-13 15:27 - 00016535 _____ () C:\Users\Joseph\Desktop\MBRCheck_02.13.14_15.27.39.txt
2014-02-13 15:27 - 2014-02-13 15:27 - 00080384 _____ () C:\Users\Joseph\Desktop\MBRCheck.exe
2014-02-13 15:27 - 2014-02-13 15:27 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-13 15:27 - 2013-12-10 20:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-13 15:27 - 2013-12-10 20:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-13 15:25 - 2013-09-29 23:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 15:24 - 2014-02-13 15:24 - 00000623 _____ () C:\Users\Joseph\Desktop\JRT.txt
2014-02-13 15:22 - 2013-12-06 00:10 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Adobe
2014-02-13 15:22 - 2013-12-05 00:25 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-13 15:21 - 2014-02-13 15:21 - 01037530 _____ (Thisisu) C:\Users\Joseph\Desktop\JRT.exe
2014-02-13 15:21 - 2014-02-13 15:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-13 15:21 - 2013-12-04 23:54 - 00000074 _____ () C:\Users\Joseph\AppData\Roaming\sp_data.sys
2014-02-13 15:20 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Joseph\AppData\Local\CrashDumps
2014-02-13 15:20 - 2013-12-08 01:25 - 00000000 ___RD () C:\Users\Joseph\Google Drive
2014-02-13 15:20 - 2013-12-06 00:03 - 00000000 ___RD () C:\Users\Joseph\Dropbox
2014-02-13 15:20 - 2013-12-06 00:00 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Dropbox
2014-02-13 15:19 - 2013-12-10 20:17 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-13 15:19 - 2013-12-10 20:17 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-13 15:19 - 2013-12-05 00:25 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 15:19 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-13 15:08 - 2014-02-13 15:08 - 00000000 ____D () C:\WINDOWS\pss
2014-02-13 14:47 - 2013-12-05 00:43 - 00000000 ____D () C:\Users\Joseph\AppData\Local\Spotify
2014-02-13 14:45 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-13 14:44 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-13 14:31 - 2014-02-13 14:30 - 00000000 ____D () C:\AdwCleaner
2014-02-13 14:14 - 2014-02-13 14:14 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Malwarebytes
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-13 14:14 - 2014-02-13 14:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 14:14 - 2014-02-13 14:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Joseph\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-13 14:11 - 2014-02-13 14:11 - 04102163 _____ () C:\Users\Joseph\Desktop\tdsskiller.zip
2014-02-13 14:11 - 2014-02-13 14:11 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Joseph\Desktop\tdsskiller.exe
2014-02-13 14:01 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-13 14:01 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 14:01 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 14:01 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 14:00 - 2013-12-05 02:43 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\vlc
2014-02-13 13:55 - 2013-12-05 00:38 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Skype
2014-02-13 13:23 - 2013-12-05 23:34 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Scirra
2014-02-12 19:48 - 2014-02-10 19:30 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Racket
2014-02-12 19:45 - 2014-02-12 19:45 - 00094806 _____ () C:\Users\Joseph\lab0.rkt
2014-02-12 19:45 - 2014-02-12 19:45 - 00001747 _____ () C:\Users\Joseph\welp.rkt
2014-02-12 19:45 - 2013-12-05 03:02 - 00000000 ____D () C:\Users\Joseph
2014-02-12 19:40 - 2014-02-12 19:40 - 02978816 _____ () C:\Users\Joseph\Desktop\Week1b-Atomic-Data-Design-Recipe.ppt
2014-02-12 19:39 - 2013-12-23 12:51 - 01211392 ___SH () C:\Users\Joseph\Desktop\Thumbs.db
2014-02-12 19:38 - 2014-02-12 19:38 - 05734681 _____ () C:\Users\Joseph\Desktop\Week1a-lecture.pptx
2014-02-12 18:37 - 2014-02-12 18:37 - 00087803 _____ () C:\Users\Joseph\Desktop\lab0.rkt
2014-02-12 13:41 - 2013-12-05 00:25 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 13:41 - 2013-12-05 00:25 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 10:12 - 2014-02-12 10:12 - 00000619 _____ () C:\Users\Joseph\Documents\thing.rkt
2014-02-11 22:38 - 2014-02-11 22:38 - 26492918 _____ () C:\Users\Joseph\Desktop\pairprogramming.mp4
2014-02-10 19:30 - 2014-02-10 19:28 - 00000000 ____D () C:\Program Files\Racket
2014-02-10 19:27 - 2014-02-10 19:26 - 58128353 _____ (PLT Design Inc.) C:\Users\Joseph\Desktop\racket-5.93-x86_64-win32.exe
2014-02-09 17:56 - 2014-01-29 21:36 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\foobar2000
2014-02-09 02:09 - 2014-02-09 02:09 - 00000053 _____ () C:\Users\Joseph\Desktop\uh.mid
2014-02-09 02:03 - 2013-12-05 23:57 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Audacity
2014-02-09 01:56 - 2014-02-09 01:34 - 01982866 _____ () C:\Users\Joseph\Desktop\Night Explore.ogg
2014-02-09 01:48 - 2014-02-09 01:47 - 08629170 _____ () C:\Users\Joseph\Desktop\Night Explore.wav
2014-02-09 01:16 - 2014-02-09 01:15 - 02804033 _____ () C:\Users\Joseph\Desktop\Exploring.ogg
2014-02-08 01:04 - 2014-02-08 01:04 - 00000000 ____D () C:\Users\Joseph\Desktop\MO3
2014-02-08 01:02 - 2014-02-08 01:00 - 08822324 _____ () C:\Users\Joseph\Desktop\MO3.rar
2014-02-08 00:31 - 2014-02-08 00:16 - 03715902 _____ () C:\Users\Joseph\Desktop\Boss Fight 2.ogg
2014-02-07 19:49 - 2014-02-07 19:49 - 00000000 _____ () C:\WINDOWS\SysWOW64\x64.txt
2014-02-07 19:49 - 2013-09-29 22:55 - 00012184 _____ () C:\WINDOWS\PFRO.log
2014-02-07 19:48 - 2013-12-05 13:23 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\uTorrent
2014-02-07 19:46 - 2014-02-07 19:16 - 01537485 _____ () C:\Users\Joseph\Desktop\Boss Fight.ogg
2014-02-07 00:38 - 2013-12-24 18:12 - 00000000 ____D () C:\Users\Joseph\Desktop\Potentially Useful Things
2014-02-07 00:38 - 2013-12-06 02:36 - 00000000 ____D () C:\Users\Joseph\Desktop\Creations
2014-02-06 07:16 - 2014-02-13 11:19 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-13 11:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-13 11:19 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-13 11:19 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-13 11:19 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-13 11:19 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-13 11:19 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-13 11:19 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 05:49 - 2014-02-13 11:19 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-13 11:19 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-13 11:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-13 11:19 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-13 11:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-13 11:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-13 11:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 05:11 - 2014-02-13 11:19 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-13 11:19 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-13 11:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-13 11:19 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-13 11:19 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-13 11:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-13 11:19 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-13 11:19 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 04:47 - 2014-02-13 11:19 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-13 11:19 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-13 11:19 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-13 11:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-13 11:19 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 04:22 - 2014-02-13 11:19 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-13 11:19 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-13 11:19 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-13 11:19 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-13 11:19 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-13 11:19 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-13 11:19 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-13 11:19 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-13 11:19 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-06 00:36 - 2013-08-22 09:46 - 00334014 _____ () C:\WINDOWS\setupact.log
2014-02-05 20:52 - 2014-02-05 20:52 - 00001168 _____ () C:\Users\Public\Desktop\FL Studio 10.lnk
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\Documents\Image-Line
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\Outsim
2014-02-05 20:52 - 2014-02-05 20:52 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-02-05 20:52 - 2014-02-05 20:50 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-02-05 20:49 - 2014-02-05 20:49 - 00905070 _____ ( ) C:\WINDOWS\SysWOW64\lnsecsl.exe
2014-02-05 20:23 - 2013-12-27 01:53 - 00000952 _____ () C:\Users\Joseph\.lmmsrc.xml
2014-02-04 15:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-30 15:47 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 15:47 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-29 21:36 - 2014-01-29 21:36 - 00001049 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-01-29 21:36 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-01-26 17:03 - 2014-01-26 17:03 - 01302928 _____ () C:\WINDOWS\Minidump\012614-13609-01.dmp
2014-01-26 17:03 - 2013-12-06 16:18 - 719564991 _____ () C:\WINDOWS\MEMORY.DMP
2014-01-26 17:03 - 2013-12-06 16:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-26 15:58 - 2013-12-04 23:54 - 00000000 ____D () C:\Users\Joseph\AppData\Local\VirtualStore
2014-01-24 11:08 - 2014-01-24 11:08 - 01313528 _____ () C:\WINDOWS\Minidump\012414-25984-01.dmp
2014-01-22 20:08 - 2014-01-22 20:08 - 00000889 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-22 20:08 - 2014-01-22 20:08 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-21 13:41 - 2013-12-06 00:25 - 00000000 ____D () C:\Users\Joseph\Desktop\Old Things
2014-01-19 02:38 - 2013-12-06 12:49 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-19 00:56 - 2014-01-19 00:55 - 00000000 ____D () C:\Program Files (x86)\Multimedia Fusion Developer 2
2014-01-19 00:55 - 2014-01-19 00:55 - 00001148 _____ () C:\Users\Public\Desktop\Multimedia Fusion Developer 2.lnk
2014-01-19 00:29 - 2014-01-19 00:29 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Clickteam
2014-01-17 19:39 - 2013-05-01 04:35 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-01-17 13:35 - 2014-01-17 13:35 - 00000000 ____D () C:\Users\Joseph\Desktop\Star Wars
2014-01-16 23:59 - 2014-01-16 16:23 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-16 16:23 - 2014-01-16 16:23 - 00002055 _____ () C:\Users\Joseph\Desktop\JDownloader.lnk
2014-01-16 15:41 - 2014-01-16 15:41 - 00007226 _____ () C:\Users\Joseph\Desktop\testthis.swf
2014-01-16 14:08 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-15 17:41 - 2013-12-06 00:03 - 00001076 _____ () C:\Users\Joseph\Desktop\Dropbox.lnk
2014-01-15 17:41 - 2013-12-06 00:01 - 00000000 ____D () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 17:41 - 2013-12-04 23:55 - 00000000 ___RD () C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 14:13 - 2013-12-05 00:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-14 14:11 - 2013-12-05 00:39 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-14 01:33 - 2014-01-14 01:33 - 00014253 _____ () C:\Users\Joseph\Desktop\Walk downnnn.swf
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\Joseph\AppData\Local\Temp\AskSLib.dll
C:\Users\Joseph\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Joseph\AppData\Local\Temp\L6GPInst.dll
C:\Users\Joseph\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Joseph\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Joseph\AppData\Local\Temp\nvStInst.exe
C:\Users\Joseph\AppData\Local\Temp\readSTILog.dll
C:\Users\Joseph\AppData\Local\Temp\vlc-2.1.2-win64.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-05 21:41
 
==================== End Of Log ============================
 
 
...and the Addition.txt.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Joseph at 2014-02-13 16:27:32
Running from C:\Users\Joseph\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 ASUS Console (Version: 1.0.2 - ASUS)
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
ASUS FaceKey (x32 Version: 4.1.0.0 - )
ASUS Instant Key (x32 Version: 1.1.2 - ASUS)
ASUS Power4Gear Hybrid (Version: 3.0.4 - ASUS)
ASUS Screen Saver (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (x32 Version: 2.2.7 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 2.01.0010 - ASUS)
ASUS USB Charger Plus (x32 Version: 3.1.3 - ASUS)
ASUS Video DSP (x32 Version: 1.0.000 - )
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.12.309 - ASUSTEK)
ATK Package (x32 Version: 1.0.0030 - ASUS)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Canon MG4100 series MP Drivers (Version:  - )
Classic Shell (Version: 4.0.2 - IvoSoft)
Construct Classic r2 (x32 Version:  - Scirra)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.) Hidden
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (Version: 12.0.2412.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (x32 Version: 12.0.2412.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (x32 Version: 2.0.4203 - CyberLink Corp.)
CyberLink WaveEditor 2 (x32 Version: 2.0.4203 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolphin (x32 Version: 4.0.2 - Dolphin Development Team)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
FastStone Image Viewer 4.9 (x32 Version: 4.9 - FastStone Soft)
FL Studio 10 (x32 Version:  - Image-Line)
foobar2000 v1.3.1 (x32 Version: 1.3.1 - Peter Pawlowski)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (Version: 2.8.10 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Talk (remove only) (x32 Version:  - )
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GTK2-Runtime (x32 Version: 2.24.10-2012-10-10-ash - Alexander Shaduri)
Gyazo 2.0.2 (x32 Version:  - Nota Inc.)
Hydrogen 0.9.6 preview release for windows (x32 Version:  - hydrogen-music.org)
IL Download Manager (x32 Version:  - Image-Line)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 10.18.10.3308 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 3.1.1309.0390 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (x32 Version:  - )
Line 6 Uninstaller (x32 Version:  - Line 6)
LMMS 0.4.15 (x32 Version: 0.4.15 - LMMS Developers)
Macromedia Extension Manager (x32 Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (x32 Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (x32 Version: 1.00.0000 - Macromedia)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Multimedia Fusion Developer 2 (x32 Version:  - )
Multimedia Fusion Developer 2 Extension Pack (HKCU Version:  - )
MyBitCast 2.0 (x32 Version: 2.0 - ASUS)
NewBlue Video Essentials for PowerDirector (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for PowerDirector (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for PowerDirector (Version: 3.0 - NewBlue)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
Paint XP version 1.2 (x32 Version: 1.2 - MSPAINTXP.COM)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.230 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Racket v5.93 (x86_64) (x32 Version: 5.93 - PLT Design Inc.)
Realtek Ethernet Controller Driver (x32 Version: 8.21.909.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Swivel (x32 Version: 1.11 - Newgrounds.com, Inc.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Trelby (x32 Version: 2.2.0.0 - Trelby.org)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WildTangent Games (x32 Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (10/31/2013 1.0.0.191) (Version: 10/31/2013 1.0.0.191 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (x32 Version: 2.42.0 - ASUS)
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
26-01-2014 00:27:48 Scheduled Checkpoint
03-02-2014 21:03:13 Scheduled Checkpoint
05-02-2014 18:52:57 Windows Modules Installer
12-02-2014 19:31:41 Scheduled Checkpoint
13-02-2014 20:27:15 Installed Java 7 Update 51
 
==================== Hosts content: ==========================
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1190592B-97C5-4427-8E10-68AF847866D5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-06-05] (ASUSTek Computer Inc.)
Task: {1A173549-0953-48DA-A640-9BED9E501AFE} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2625AAB6-C87E-47F5-BFC6-195F4B1DC420} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {34A79316-3A62-4EB7-B322-7B140EEFFF2A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37960957-AFF3-4CF3-8837-AC09E9E93AC4} - System32\Tasks\{6779218E-A9F4-4CA1-9CC3-87237EB923C1} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D44DD5A-89B5-4311-B5A7-79169988117D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6496993F-2EA9-44AD-AE60-334A832CB610} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
Task: {64DF5929-0AEC-4CA6-828A-ABCA192347C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
Task: {6637E024-0D12-4F59-ABDA-C7FF1F985DBE} - System32\Tasks\AdobeAAMUpdater-1.0-JoeyLaptop-Joseph => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A167D59F-EFD2-4036-A4A7-032D3A843893} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-11-08] (AsusTek)
Task: {CA388186-EF53-4D1A-BD9F-00A26F10AF06} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-07-09] (ASUSTek Computer Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FE8E78DF-AA17-41ED-A130-4B757DCD3DEE} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-06-03] (ASUSTeK Computer Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-06-19 22:49 - 2013-06-19 22:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-06-28 08:02 - 2013-06-28 08:02 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-06-28 08:00 - 2013-06-28 08:00 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-06-28 08:07 - 2013-06-28 08:07 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-12-05 00:43 - 2014-01-16 14:10 - 00603648 _____ () C:\Users\Joseph\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-13 15:19 - 2014-02-13 15:19 - 00307200 _____ () C:\WINDOWS\TEMP\mrt1AEA.tmp\MMFS2.dll
2014-02-13 15:19 - 2014-02-13 15:19 - 00012800 _____ () C:\WINDOWS\TEMP\mrt1AEA.tmp\Get.mfx
2014-02-13 15:19 - 2014-02-13 15:19 - 00059392 _____ () C:\WINDOWS\TEMP\mrt1AEA.tmp\Yaso.mfx
2013-04-29 16:17 - 2013-04-29 16:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-08-25 17:36 - 2009-04-17 05:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-12-05 00:43 - 2014-01-16 14:10 - 36967424 _____ () C:\Users\Joseph\AppData\Roaming\Spotify\Data\libcef.dll
2013-12-10 20:16 - 2013-11-14 06:58 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-05 00:43 - 2014-01-16 14:10 - 00887808 _____ () C:\Users\Joseph\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-12-05 00:43 - 2014-01-16 14:10 - 00109568 _____ () C:\Users\Joseph\AppData\Roaming\Spotify\Data\libegl.dll
2014-02-13 15:20 - 2014-02-13 15:20 - 00098816 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32api.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00110080 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\pywintypes27.dll
2014-02-13 15:20 - 2014-02-13 15:20 - 00364544 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\pythoncom27.dll
2014-02-13 15:20 - 2014-02-13 15:20 - 00044032 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_socket.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 01153024 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_ssl.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00320512 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32com.shell.shell.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00711680 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_hashlib.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 01175040 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._core_.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00805888 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._gdi_.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00811008 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._windows_.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 01062400 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._controls_.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00735232 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._misc_.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00128512 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_elementtree.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00127488 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\pyexpat.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00557056 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\pysqlite2._sqlite.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00087040 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_ctypes.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00119808 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32file.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00108544 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32security.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00018432 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32event.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00038912 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32inet.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00122368 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._wizard.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00026624 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\_multiprocessing.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00070656 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\wx._html2.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00010240 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\select.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00686080 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\unicodedata.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00025600 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32pdh.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00521680 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\windows._lib_cacheinvalidation.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00011264 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32crypt.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00024064 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32pipe.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00035840 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32process.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00017408 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32profile.pyd
2014-02-13 15:20 - 2014-02-13 15:20 - 00022528 _____ () C:\Users\Joseph\AppData\Local\Temp\_MEI56842\win32ts.pyd
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Users\Joseph\AppData\Roaming\Dropbox\bin\libcef.dll
2013-08-25 17:14 - 2013-05-15 21:08 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-02-04 14:41 - 2014-02-01 18:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 14:41 - 2014-02-01 18:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 14:41 - 2014-02-01 18:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 14:41 - 2014-02-01 18:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 14:41 - 2014-02-01 18:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/13/2014 03:27:54 PM) (Source: MsiInstaller) (User: JoeyLaptop)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/13/2014 03:27:14 PM) (Source: MsiInstaller) (User: JoeyLaptop)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/13/2014 03:27:07 PM) (Source: MsiInstaller) (User: JoeyLaptop)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/13/2014 03:20:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: USBChargerPlus.exe, version: 3.1.3.1, time stamp: 0x51af834b
Faulting module name: USBChargerPlus.exe, version: 3.1.3.1, time stamp: 0x51af834b
Exception code: 0xc000041d
Fault offset: 0x000011a5
Faulting process id: 0x3fc
Faulting application start time: 0xUSBChargerPlus.exe0
Faulting application path: USBChargerPlus.exe1
Faulting module path: USBChargerPlus.exe2
Report Id: USBChargerPlus.exe3
Faulting package full name: USBChargerPlus.exe4
Faulting package-relative application ID: USBChargerPlus.exe5
 
Error: (02/13/2014 03:19:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: USBChargerPlus.exe, version: 3.1.3.1, time stamp: 0x51af834b
Faulting module name: USBChargerPlus.exe, version: 3.1.3.1, time stamp: 0x51af834b
Exception code: 0xc0000005
Fault offset: 0x000011a5
Faulting process id: 0x3fc
Faulting application start time: 0xUSBChargerPlus.exe0
Faulting application path: USBChargerPlus.exe1
Faulting module path: USBChargerPlus.exe2
Report Id: USBChargerPlus.exe3
Faulting package full name: USBChargerPlus.exe4
Faulting package-relative application ID: USBChargerPlus.exe5
 
Error: (02/13/2014 03:19:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/13/2014 03:12:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/13/2014 03:11:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/13/2014 03:11:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/13/2014 03:09:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (02/13/2014 04:25:51 PM) (Source: DCOM) (User: JoeyLaptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/13/2014 03:22:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/13/2014 03:20:09 PM) (Source: DCOM) (User: JoeyLaptop)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoeyLaptopJosephS-1-5-21-3179185097-1399537554-2468577210-1003LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (02/13/2014 03:27:54 PM) (Source: MsiInstaller)(User: JoeyLaptop)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/13/2014 03:27:14 PM) (Source: MsiInstaller)(User: JoeyLaptop)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/13/2014 03:27:07 PM) (Source: MsiInstaller)(User: JoeyLaptop)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/13/2014 03:20:12 PM) (Source: Application Error)(User: )
Description: USBChargerPlus.exe3.1.3.151af834bUSBChargerPlus.exe3.1.3.151af834bc000041d000011a53fc01cf28f8ed691d13C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exeC:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe3d505e8d-94ec-11e3-beb4-b4b676f7550c
 
Error: (02/13/2014 03:19:59 PM) (Source: Application Error)(User: )
Description: USBChargerPlus.exe3.1.3.151af834bUSBChargerPlus.exe3.1.3.151af834bc0000005000011a53fc01cf28f8ed691d13C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exeC:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe35eefeec-94ec-11e3-beb4-b4b676f7550c
 
Error: (02/13/2014 03:19:00 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\WINDOWS\system32\L6DriverControlPanel.cpl
 
Error: (02/13/2014 03:12:22 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\WINDOWS\system32\L6DriverControlPanel.cpl
 
Error: (02/13/2014 03:11:42 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\WINDOWS\system32\L6DriverControlPanel.cpl
 
Error: (02/13/2014 03:11:42 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\WINDOWS\system32\L6DriverControlPanel.cpl
 
Error: (02/13/2014 03:09:36 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\WINDOWS\system32\L6DriverControlPanel.cpl
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-04 14:38:39.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-04 14:38:39.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-04 14:38:38.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-04 14:38:38.836
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-03 14:23:35.276
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-03 14:23:34.064
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-03 14:22:51.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-03 14:22:51.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-01 15:11:46.494
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-01 15:11:46.483
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 37%
Total physical RAM: 8075.25 MB
Available physical RAM: 5084.75 MB
Total Pagefile: 16267.25 MB
Available Pagefile: 13154.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:276.95 GB) (Free:136.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:400.23 GB) (Free:364.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2CBBAE4F)
 
Partition: GPT Partition Type
==================== End Of Log ============================


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:08 PM

Posted 13 February 2014 - 05:04 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Search button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Search.txt). Please post it to your reply.

 

 

Attached File: fixlist.txt (9 bytes, 1 download)


Edited by fireman4it, 13 February 2014 - 05:06 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 Jalopes


Posted 13 February 2014 - 05:15 PM

Pressing the search button gave me a message saying I didn't input a search term, so it didn't give me any results. I assumed I had to give it "fixlist.txt", so I did, and this was the result:

 

Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Joseph at 2014-02-13 17:13:14
Running from C:\Users\Joseph\Desktop
Boot Mode: Normal
 
================== Search: "fixlist.txt" ===================
 
C:\Users\Joseph\Desktop\fixlist.txt
[2014-02-13 17:11] - [2014-02-13 17:11] - 0000009 ____A () 579F7ECA3F7FB952CC1C874F7601EF20
 
====== End Of Search ======


#6 fireman4it


Posted 13 February 2014 - 05:27 PM

Please copy and paste the following into the Search box on FRST, then click Search:

rpcss.dll

It should produce a Search.txt on your desktop.




#7 Jalopes


Posted 13 February 2014 - 05:28 PM

Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Joseph at 2014-02-13 17:28:21
Running from C:\Users\Joseph\Desktop
Boot Mode: Normal
 
================== Search: "rpcss.dll" ===================
 
C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll
[2013-08-22 04:50] - [2013-08-22 04:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD
 
C:\Windows\System32\rpcss.dll
[2013-08-22 04:50] - [2013-08-22 04:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD
 
====== End Of Search ======


#8 fireman4it


Posted 13 February 2014 - 09:16 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Attached file: fixlist.txt (163 bytes)

 

 

How is the machine running now?




#9 Jalopes


Posted 13 February 2014 - 10:02 PM

It definitely did something - when I look at the mixer now, I see another thing there that has the Google Chrome icon (my default browser) called "'Name not available' progr...". The initial "Name Not Available" thing is still there playing ads.

 

EDIT: Ha. Scratch that above thing - that was just Chrome on this topic. Derp, my bad. Name Not Available is still there, so as far as I know, there's been no change.

 

Here's the report:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-02-2014 01
Ran by Joseph at 2014-02-13 21:59:19 Run:1
Running from C:\Users\Joseph\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Replace: C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll C:\Windows\System32\rpcss.dll
*****************
 
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
 
==== End of Fixlog ====

Edited by Jalopes, 13 February 2014 - 10:11 PM.
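The comparison behind the rpcss.dll search in post #7 and the Replace: fix in post #9, as an added example that is not part of the thread or of FRST: it parses Search.txt text and checks each file's MD5 against the WinSxS component-store copy of the same name. The field order (created, modified, size, attributes, company, MD5) is inferred from the posted output, the function names are hypothetical, and the mismatching sample is constructed.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules, works on any host OS

# FRST Search.txt body exactly as posted in the thread.
THREAD_SEARCH = r"""
================== Search: "rpcss.dll" ===================

C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.16384_none_5a893c0711d704b0\rpcss.dll
[2013-08-22 04:50] - [2013-08-22 04:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

C:\Windows\System32\rpcss.dll
[2013-08-22 04:50] - [2013-08-22 04:50] - 0761344 ____A (Microsoft Corporation) 3FD5AE42EC87C6F532A931F96BE731DD

====== End Of Search ======
"""

# Constructed sample: same output, but the System32 copy (the last hash in
# the text) is swapped for a made-up value to show the mismatch case.
_head, _, _tail = THREAD_SEARCH.rpartition("3FD5AE42EC87C6F532A931F96BE731DD")
CONSTRUCTED_MISMATCH = _head + "A" * 32 + _tail

# Assumed field order, inferred from the posted lines:
# [created] - [modified] - size attributes (company) MD5
DETAIL = re.compile(
    r"^\[(?P<created>[\d-]+ [\d:]+)\] - \[(?P<modified>[\d-]+ [\d:]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
PATH = re.compile(r"^[A-Za-z]:\\")


def parse_search(text):
    """Return one dict per result: a path line followed by its detail line."""
    entries, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH.match(line):
            pending = line
        elif line:
            m = DETAIL.match(line)
            if m and pending:
                entry = m.groupdict()
                entry.update(path=pending, size=int(entry["size"]),
                             md5=entry["md5"].upper())
                entries.append(entry)
            pending = None  # banner lines or a malformed detail line reset state
    return entries


def _in_store(path):
    return "\\winsxs\\" in path.lower()


def compare_with_component_store(entries):
    """Map each non-WinSxS path to 'identical', 'differs' or 'no-reference'."""
    store = defaultdict(set)
    for e in entries:
        if _in_store(e["path"]):
            store[basename(e["path"]).lower()].add(e["md5"])
    verdicts = {}
    for e in entries:
        if _in_store(e["path"]):
            continue
        refs = store.get(basename(e["path"]).lower())
        if not refs:
            verdicts[e["path"]] = "no-reference"   # nothing to compare against
        elif e["md5"] in refs:
            verdicts[e["path"]] = "identical"      # replacing it changes nothing
        else:
            verdicts[e["path"]] = "differs"        # candidate for review/replace
    return verdicts


if __name__ == "__main__":
    for label, text in (("thread", THREAD_SEARCH),
                        ("constructed", CONSTRUCTED_MISMATCH)):
        for path, verdict in compare_with_component_store(parse_search(text)).items():
            print(f"{label}: {path} -> {verdict}")
```

On the thread's own output the verdict is `identical`: the System32 copy already matched the component-store copy when the search ran. A match only shows equality with that store copy; it does not by itself establish that either file is the original Microsoft binary.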


#10 fireman4it


Posted 14 February 2014 - 01:24 AM

Is the computer still attached to the TV? Is there still music playing or ads in the background?




#11 Jalopes


Posted 14 February 2014 - 03:00 AM

The computer is no longer attached to the TV; it happens regardless of what display I'm using. Music/ads are still playing.



#12 fireman4it


Posted 14 February 2014 - 11:03 AM

1.

Download Malwarebytes Anti-Rootkit to your desktop.

  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • On the introduction screen, click "Next" to continue.
  • On the following screen, click "Update" to obtain the latest malware definitions.
  • Once the update is complete, select "Next" and click "Scan".
  • When the scan is finished and no malware has been found, select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

2.

  • Download RogueKiller to the desktop.
  • Close all the running processes.
  • Under Vista/Seven, right click -> Run as Administrator.
  • Otherwise just double-click on RogueKiller.exe.
  • When prompted, click Scan.
  • A report should open; give its content to your helper. (RKreport can also be found next to the executable.)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.




#13 Jalopes


Posted 14 February 2014 - 12:42 PM

After running RogueKiller, it found a couple of results, so I used the program to delete them. Following that the Name Not Available object in the mixer is no longer there, so I'm not hearing any ads.

 

Here are the reports:

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.02.14.06
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
Joseph :: JOEYLAPTOP [administrator]
 
2/14/2014 12:00:30 PM
mbar-log-2014-02-14 (12-00-30).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 291840
Time elapsed: 19 minute(s), 52 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16518
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 8467513344, free: 4791013376
 
Downloaded database version: v2014.02.14.06
Downloaded database version: v2013.12.18.01
=======================================
------------ Kernel report ------------
     02/14/2014 12:00:26
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe0000235c060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000036\
Lower Device Object: 0xffffe000001dc460
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe0000235c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe0000235cb20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe0000235c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00000fcd040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000001dc460, DeviceName: \Device\00000036\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 2CBBAE4F
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 1465149167
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 3059631465
    GPT Header CurrentLba = 1 BackupLba 1465149167
    GPT Header FirstUsableLba 34  LastUsableLba 1465149134
    GPT Header Guid 667f51e6-708f-48fa-aef0-93a8cff167d8
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 3059631465
    Backup GPT header CurrentLba = 1465149167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1465149134
    Backup GPT header Guid 667f51e6-708f-48fa-aef0-93a8cff167d8
    Backup GPT header Contains 128 partition entries starting at LBA 1465149135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 4e5ef99b-a5c3-4b69-b435-5e3247cae2b
    FirstLBA 34  Last LBA 262177
    Attributes 0
    Partition Name                                     
 
    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 45a5fc10-7c67-4a8e-8547-9985834a50e0
    FirstLBA 264192  Last LBA 468991
    Attributes 0
    Partition Name                                     
 
    GPT Partition 1 is bootable
    Partition 2 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID c93594f0-82ac-4fcb-85bf-e91c87912761
    FirstLBA 468992  Last LBA 2312191
    Attributes 0
    Partition Name                                     
 
    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 826dc6cd-f928-4a04-a63f-fd658f43fa5d
    FirstLBA 2312192  Last LBA 583116799
    Attributes 0
    Partition Name                                     
 
    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID f7998851-662-4a78-82bd-7b78312d835
    FirstLBA 583116800  Last LBA 583833599
    Attributes 1
    Partition Name                                     
 
    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 9a0284d8-4fda-497d-91b-4bbb3c9af7f7
    FirstLBA 583833600  Last LBA 1423181823
    Attributes 0
    Partition Name                                     
 
    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 86598fa1-19e1-4ee4-9dab-b1234e5227b8
    FirstLBA 1423181824  Last LBA 1465147391
    Attributes 0
    Partition Name                                     
 
Disk Size: 750156374016 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 
RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Joseph [Admin rights]
Mode : Scan -- Date : 02/14/2014 12:36:50
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] stdrt.exe -- C:\Windows\Temp\mrt1C80.tmp\stdrt.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST750LX003-1AC154 +++++
--- User ---
[MBR] cf4fa25213fb0aa767bd20c2ff6a2aa1
[BSP] e3e22714290cca1117f5ec440301ae07 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_02142014_123650.txt >>
 
 
 
RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Joseph [Admin rights]
Mode : Remove -- Date : 02/14/2014 12:37:11
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] stdrt.exe -- C:\Windows\Temp\mrt1C80.tmp\stdrt.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST750LX003-1AC154 +++++
--- User ---
[MBR] cf4fa25213fb0aa767bd20c2ff6a2aa1
[BSP] e3e22714290cca1117f5ec440301ae07 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_02142014_123711.txt >>
RKreport[0]_S_02142014_123650.txt
 
 
 


#14 fireman4it

  • Malware Response Team

Posted 14 February 2014 - 01:11 PM

Do a couple of restarts and see if the music comes back. If not, let me know; we will get our tools cleaned up and let you on your way.




#15 Jalopes


Posted 14 February 2014 - 01:15 PM

It came back on the first restart: http://gyazo.com/dcf3303333d08570fb3a8c23b2369734.png

 

So looks like I'm back at square one....





