Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Server Busy error.


  • This topic is locked This topic is locked
82 replies to this topic

#1 JAFA5586

JAFA5586

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 13 October 2014 - 10:35 PM

System specs:
 
CPU: i7-4700HQ 2.4 Ghz
OS: Windows 8.1 64 bit
RAM: 2 x 8G DDR3
A/V: Norton Internet Security
 
 
Problem:
The classic Server Busy pop up box appears. Cancel is greyed out. Switch to brings me to the start menu with no recourse. Retry closes the box for it to reappear instantly. 
 
I've got no problems if I run my pc in safe mode. 
 
I've got a weird laptop build in that, once I get the server busy box, I have to wait until my battery drains in order to reset. Hard resetting doesn't work. 
 
My laptop sometimes hangs on the shutdown screen too.
 
What I've already done:
 
Used system restore - to reload where my machine was a couple of days ago. 
 
Used Roguekiller  (see attached files)
 
Used Hijackthis. (see attached files)
 
Used AdwCleaner (see attached files)
 
Used JRT (see attached files)
 
-----------------------------------------------------------------------------------------------------------------------------
 
I'd really like to know what to do next. If this problem keeps persisting I'm getting to the point where I'll just backup all my files and reformat.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:35:40 PM, on 14/10/2014
Platform: Unknown Windows (WinNT 6.03.1408)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)


Boot mode: Safe mode with network support

Running processes:
D:\DaemonToolsPro\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\Hieu\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com/?pc=SBJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF984B980-89C7-41B3-8537-0716A15204FC&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [SmartUpdate] C:\Program Files\GIGABYTE\Smart Update\urgent.exe
O4 - HKLM\..\RunOnce: [SwPwrBtn] C:\Program Files\GIGABYTE\Smart Switch\run.bat
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DaemonToolsPro\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_BB026D5C2D06291261B0358E86F721D2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = Hieu\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: GBOSDV3.lnk = C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: GIGABYTE SM Service (ElevateService) - Unknown owner - C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Wireless Bluetooth® 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update_Service - GIGABYTE - C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11440 bytes

# AdwCleaner v4.000 - Report created 14/10/2014 at 13:39:11
# Updated 12/10/2014 by Xplode
# Database :
# Operating System : Windows 8.1 (64 bits)
# Username : Hieu - TIGERSIX
# Running from : C:\Users\Hieu\Desktop\adwcleaner_4.000.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Hieu\AppData\Local\Temp\Uninstall.exe
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Uniblue\DriverScanner
Folder Found : C:\Users\Hieu\AppData\Local\apn
Folder Found : C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Folder Found : C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Hieu\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\eSupport.com
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF984B980-89C7-41B3-8537-0716A15204FC&SSPV=

-\\ Google Chrome v38.0.2125.101

Found [Search Provider] : hxxp://www.supercheapauto.com.au/search-results.aspx?keywords={searchTerms}&look.x=0&look.y=0

*************************

AdwCleaner[R0].txt - [3776 octets] - [14/10/2014 13:39:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3836 octets] ##########

RogueKiller V10.0.1.0 (x64) [Oct 10 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9600 ) 64 bits version
Started in : Safe mode with network support
User : Hieu [Administrator]
Mode : Delete -- Date : 10/14/2014 14:28:25

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 activate.adobe.com

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 2c84f8842ba3fa6504ff458de88d6f90
[BSP] 55ddb411cff3f0224f58ff05cbad385f : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: LITEONIT LMT-256M6M OPAL +++++
--- User ---
[MBR] 8572b112922a555fc8de4da911fc8ea9
[BSP] c6ec570f6081b280bbe88b130b8e9b68 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_10142014_125531.log - RKreport_SCN_10142014_125447.log - RKreport_SCN_10142014_142742.log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 8.1 x64
Ran by Hieu on Tue 14/10/2014 at 13:42:31.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\RtlLanOptimizerVistaStart.job



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Hieu\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 14/10/2014 at 13:43:12.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Attached Files


Edited by Oh My!, 26 October 2014 - 02:08 PM.
Posted logs


BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 18 October 2014 - 10:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/551881 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 23 October 2014 - 09:10 AM

I can't run DDS.com.

 

As stated in my OP

 

CPU: i7-4700HQ 2.4 Ghz

OS: Windows 8.1 64 bit

RAM: 2 x 8G DDR3

A/V: Norton Internet Security

 

In event viewer I got an error 10005 from DCOM - it was trying to activate WSearch.

 

I've downloaded and run Malwarebytes. 



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 26 October 2014 - 02:06 PM

Greetings JAFA5586 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 27 October 2014 - 12:47 AM

Gary

 

Please find the Fastbar contents below and the system summary attached.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by Hieu (administrator) on TIGERSIX on 27-10-2014 16:30:06
Running from C:\Users\Hieu\Desktop
Loaded Profile: Hieu (Available profiles: Hieu)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(DT Soft Ltd) D:\DaemonToolsPro\DAEMON Tools Pro\DTShellHlp.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-23] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-05-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-05-08] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876528 2014-01-17] (Intel® Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\RunOnce: [SmartUpdate] => C:\Program Files\GIGABYTE\Smart Update\urgent.exe [344064 2014-07-08] (GIGABYTE)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\Run: [DAEMON Tools Pro Agent] => D:\DaemonToolsPro\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\Run: [GoogleChromeAutoLaunch_BB026D5C2D06291261B0358E86F721D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S1].txt [1390 2014-10-24] ()
HKU\S-1-5-21-2360196803-1004120692-2307574895-1003\...\MountPoints2: {b765f1c3-0c89-11e4-bf9b-94de80a17482} - "F:\LaunchU3.exe" -a
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-05] (NVIDIA Corporation)
AppInit_DLLs:  ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GBOSDV3.lnk
ShortcutTarget: GBOSDV3.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe (GIGABYTE TECHNOLOGY CO., LTD.)
Startup: C:\Users\Hieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com/?pc=SBJB
SearchScopes: HKLM - {F9C1EE8B-5968-43F7-A03C-5EF0B726B3D2} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SBJB;
SearchScopes: HKLM-x32 - {F9C1EE8B-5968-43F7-A03C-5EF0B726B3D2} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SBJB;
SearchScopes: HKCU - {A838B467-E37A-404E-9ABF-5F70E349DC90} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE11TR&amp;src=IE11TR&amp;pc=SBJB;
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hieu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-10-23]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF984B980-89C7-41B3-8537-0716A15204FC&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF984B980-89C7-41B3-8537-0716A15204FC&SSPV="
CHR Profile: C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-02-22]
CHR Extension: (Google Docs) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (One Click Google Hangout) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokjakdncnbbfhhammcdkbblmcglpobn [2014-09-18]
CHR Extension: (Google Drive) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (Sad Panda) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-04-10]
CHR Extension: (Adblock Plus) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (Google Search) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (The Price Geek) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\definofoeccggpjeifncfpnpneheolob [2014-02-22]
CHR Extension: (Google Calendar) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-03]
CHR Extension: (Google Sheets) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-26]
CHR Extension: (Readium) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-02-22]
CHR Extension: (EditThisCookie) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-02-22]
CHR Extension: (Hola Better Internet) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-10-25]
CHR Extension: (File Search Engine (by FileDiva)) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkinckdmleladaolhpagacjbkjfgfce [2014-02-22]
CHR Extension: (Norton Identity Safe) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-12]
CHR Extension: (Two-Click JDownloader) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-02-22]
CHR Extension: (Poppit!) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-02-22]
CHR Extension: (Norton Identity Safe) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgpiocdhdmnglomggfjkkonjjfahnom [2014-04-29]
CHR Extension: (Google Wallet) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR Extension: (Gmail) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR Profile: C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-07-15]
CHR Extension: (Google Docs) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-15]
CHR Extension: (Google Drive) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-15]
CHR Extension: (Google Cast) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-08]
CHR Extension: (Google Search) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-15]
CHR Extension: (Drive Template Gallery) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edccfahmoapjmcaahncgcekjodejmhkg [2014-07-15]
CHR Extension: (Google+ Photos) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efjnaogkjbogokcnohkmnjdojkikgobo [2014-08-08]
CHR Extension: (Gmail Offline) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-07-15]
CHR Extension: (Google Calendar) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-15]
CHR Extension: (Harvest Time Tracker) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fbpiglieekigmkeebmeohkelfpjjlaia [2014-08-08]
CHR Extension: (Google Sheets) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-07-15]
CHR Extension: (Save to Google Drive) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-15]
CHR Extension: (Google Keep – notes and lists) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-07-15]
CHR Extension: (Pixlr Editor) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2014-07-15]
CHR Extension: (Norton Identity Safe) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-12]
CHR Extension: (Google Maps) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-08-08]
CHR Extension: (Hangouts) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-15]
CHR Extension: (Google Wallet) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-15]
CHR Extension: (Trello) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2014-07-15]
CHR Extension: (Gmail) - C:\Users\Hieu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-15]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ElevateService; C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe [19456 2014-01-24] () [File not signed]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-23] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S4 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-16] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-05-01] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-05-01] (NVIDIA Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 Update_Service; C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe [136704 2014-07-08] (GIGABYTE) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACPIGBT; C:\Windows\System32\drivers\ACPIGBT.sys [17408 2013-07-04] (Gigabyte United Inc.) [File not signed]
S1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-04] (Symantec Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-29] (Motorola Solutions, Inc.)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-02-25] (DT Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20141022.002\IDSvia64.sys [633560 2014-10-10] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141022.017\ENG64.SYS [129752 2014-10-13] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141022.017\EX64.SYS [2137304 2014-10-13] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-02-25] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)
S3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2014-10-14] ()
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-27 16:30 - 2014-10-27 16:30 - 00024953 _____ () C:\Users\Hieu\Desktop\FRST.txt
2014-10-27 16:29 - 2014-10-27 16:30 - 00000000 ____D () C:\FRST
2014-10-27 14:18 - 2014-10-27 14:18 - 02113024 _____ (Farbar) C:\Users\Hieu\Desktop\FRST64.exe
2014-10-27 01:18 - 2014-10-27 01:18 - 01130955 _____ () C:\Users\Hieu\Downloads\Extract-The-Fall-of-Altdorf.mobi
2014-10-26 23:07 - 2014-10-26 23:07 - 00000000 ____D () C:\Users\Hieu\Documents\My Digital Editions
2014-10-26 02:30 - 2014-10-26 02:47 - 66404405 _____ () C:\Users\Hieu\Downloads\[クリーミートリップス] アーツオブブラック ~魔女の箱庭~.zip
2014-10-24 00:57 - 2014-10-24 00:58 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 00:57 - 2014-10-24 00:57 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 00:57 - 2014-10-24 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 00:57 - 2014-10-24 00:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 00:57 - 2014-10-24 00:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-24 00:57 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-24 00:57 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-24 00:57 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-24 00:48 - 2014-10-24 00:49 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Hieu\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-24 00:47 - 2014-10-24 00:47 - 00000777 _____ () C:\Users\Hieu\Desktop\JRT.txt
2014-10-24 00:46 - 2014-10-22 05:25 - 01706144 _____ (Thisisu) C:\Users\Hieu\Desktop\JRT_NEW.exe
2014-10-24 00:38 - 2014-10-24 00:38 - 01962496 _____ () C:\Users\Hieu\Desktop\adwcleaner_4.001.exe
2014-10-23 19:48 - 2014-10-23 19:49 - 00688992 _____ (Swearware) C:\Users\Hieu\Downloads\dds.com
2014-10-15 04:38 - 2014-10-15 04:38 - 00000000 ____D () C:\Users\Hieu\Documents\BitLord
2014-10-14 13:42 - 2014-10-14 13:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-14 13:39 - 2014-10-24 00:45 - 00000000 ____D () C:\AdwCleaner
2014-10-14 13:37 - 2014-10-14 13:38 - 00000000 ____D () C:\Users\Hieu\Desktop\backups
2014-10-14 13:35 - 2014-10-14 13:35 - 00011442 _____ () C:\Users\Hieu\Desktop\hijackthis.log
2014-10-14 12:39 - 2014-10-14 14:25 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-10-14 12:39 - 2014-10-14 12:39 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-14 12:36 - 2014-10-14 12:37 - 18495064 _____ () C:\Users\Hieu\Desktop\RogueKillerX64.exe
2014-10-14 12:24 - 2014-10-14 12:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hieu\Desktop\HijackThis.exe
2014-10-13 23:41 - 2014-10-13 23:41 - 00665360 _____ () C:\WINDOWS\Minidump\101314-7546-01.dmp
2014-10-13 02:56 - 2014-10-13 02:56 - 00000000 ____D () C:\Users\Hieu\Desktop\Quest for Infamy
2014-10-12 20:48 - 2014-10-12 20:48 - 00000000 ____D () C:\Users\Hieu\AppData\Local\Setup Integrity Check
2014-10-11 22:38 - 2014-10-13 22:31 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-10-11 22:38 - 2014-10-11 22:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-10-11 18:41 - 2014-10-13 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Space Run
2014-10-11 12:05 - 2014-10-11 12:05 - 00000218 _____ () C:\Users\Hieu\AppData\Local\recently-used.xbel
2014-10-02 00:10 - 2014-10-13 22:31 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\Wasteland 2
2014-10-02 00:10 - 2014-10-13 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-09-30 13:47 - 2014-09-30 13:47 - 00000610 _____ () C:\Users\Public\Desktop\eSupport UndeletePlus.lnk
2014-09-29 01:35 - 2014-09-29 01:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-27 14:02 - 2013-11-14 18:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-27 07:02 - 2014-02-23 03:46 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\vlc
2014-10-26 23:07 - 2014-02-25 21:59 - 00000000 ____D () C:\Users\Hieu\AppData\Local\CrashDumps
2014-10-26 01:58 - 2014-02-22 17:11 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\BitLord
2014-10-24 04:48 - 2013-11-14 18:20 - 00137572 _____ () C:\WINDOWS\PFRO.log
2014-10-23 23:19 - 2014-07-15 13:00 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\Dropbox
2014-10-23 23:19 - 2014-04-07 18:10 - 00000000 ____D () C:\WINDOWS\pss
2014-10-23 23:19 - 2014-02-25 14:07 - 00000000 ____D () C:\Users\Hieu
2014-10-23 23:19 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-23 23:18 - 2014-02-25 14:15 - 00000000 ___DO () C:\Users\Hieu\SkyDrive
2014-10-23 23:18 - 2014-02-23 16:49 - 00002902 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2014-10-23 23:18 - 2014-02-23 16:49 - 00000292 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2014-10-23 23:18 - 2014-02-22 15:24 - 00002212 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-23 23:18 - 2014-02-22 15:23 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 23:18 - 2013-07-25 06:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 22:43 - 2014-02-22 15:23 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 19:48 - 2014-02-25 14:03 - 01146780 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 19:48 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-23 19:46 - 2014-02-22 15:05 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2360196803-1004120692-2307574895-1003
2014-10-23 19:42 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-23 19:41 - 2014-03-06 21:11 - 00000000 ____D () C:\Users\Hieu\AppData\Local\Adobe
2014-10-23 19:22 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-14 20:44 - 2013-08-23 01:46 - 00376907 _____ () C:\WINDOWS\setupact.log
2014-10-14 18:02 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-14 12:24 - 2014-02-22 13:51 - 00000000 ____D () C:\Users\Hieu\AppData\Local\VirtualStore
2014-10-14 02:29 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-13 23:41 - 2014-02-25 14:04 - 1014161886 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-13 23:41 - 2014-02-25 14:04 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-13 22:31 - 2014-05-02 02:39 - 00000000 ____D () C:\House_Party
2014-10-13 22:31 - 2014-02-22 21:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-10-13 22:31 - 2014-02-22 17:45 - 00000000 ____D () C:\ProgramData\Norton
2014-10-13 22:31 - 2014-02-22 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-13 22:31 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\registration
2014-10-13 13:58 - 2014-03-07 18:36 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\NVIDIA
2014-10-13 05:07 - 2014-02-25 14:15 - 00140800 ___SH () C:\Users\Hieu\Desktop\Thumbs.db
2014-10-09 21:35 - 2014-02-26 00:47 - 00000000 ____D () C:\Users\Hieu\AppData\Roaming\CDisplayEx
2014-10-07 15:43 - 2014-02-25 15:18 - 00647680 ___SH () C:\Users\Hieu\Downloads\Thumbs.db
2014-10-03 03:04 - 2013-07-25 08:25 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-02 00:10 - 2013-07-25 11:14 - 00045453 _____ () C:\WINDOWS\DirectX.log
2014-10-01 22:31 - 2013-08-23 01:44 - 05207360 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-30 13:33 - 2014-02-22 13:50 - 00000000 ____D () C:\Users\Hieu\AppData\Local\Packages
2014-09-29 23:35 - 2014-02-28 18:20 - 00000000 ____D () C:\ProgramData\Army Builder
2014-09-29 23:21 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-29 23:11 - 2012-07-26 19:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-09-29 01:30 - 2014-02-22 17:49 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-09-29 01:30 - 2014-02-22 17:49 - 00002530 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-09-29 01:30 - 2014-02-22 17:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-09-29 01:30 - 2014-02-22 17:48 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-09-28 05:19 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
 
Some content of TEMP:
====================
C:\Users\Hieu\AppData\Local\Temp\AskSLib.dll
C:\Users\Hieu\AppData\Local\Temp\CH.dll
C:\Users\Hieu\AppData\Local\Temp\CH2.dll
C:\Users\Hieu\AppData\Local\Temp\Copy.dll
C:\Users\Hieu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpufr3pg.dll
C:\Users\Hieu\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Hieu\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Hieu\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Hieu\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Hieu\AppData\Local\Temp\nvStInst.exe
C:\Users\Hieu\AppData\Local\Temp\Quarantine.exe
C:\Users\Hieu\AppData\Local\Temp\sqlite3.dll
C:\Users\Hieu\AppData\Local\Temp\vlc-2.1.4-win64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-09 12:49
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by Hieu at 2014-10-27 16:30:24
Running from C:\Users\Hieu\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
Army Builder 3.4 (HKLM-x32\...\{43867B63-C464-4570-823D-D92DC08E3400}_is1) (Version: 3.4 - Lone Wolf Development, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-254 - House of Life)
CDisplayEx 1.10.6 (HKLM\...\CDisplayEx_is1) (Version:  - cdisplayex.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - Audioslave)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DriverToolkit version 8.3.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.0.0 - Megaify Software)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EPSON PX710W Series Printer Uninstall (HKLM\...\EPSON PX710W Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON TX710W Series Printer Uninstall (HKLM\...\EPSON TX710W Series) (Version:  - SEIKO EPSON Corporation)
eSupport UndeletePlus 3.0.3.521 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version:  - Copyright © 2011 eSupport.com • All Rights Reserved)
ETDWare PS/2-X64 11.14.3.1_WHQL (HKLM\...\Elantech) (Version: 11.14.3.1 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIGABYTE Smart Recovery Generator 1.0.20130705 (HKLM-x32\...\GIGABYTE Smart Recovery Generator) (Version: 1.0.20130705 - GIGABYTE TECHNOLOGY CO.,LTD.)
GIGABYTE Voice Search 2.6.0 (HKLM-x32\...\GIGABYTE Voice Search) (Version: 2.6.0 - GIGABYTE TECHNOLOGY CO.,LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
House Party (HKLM-x32\...\House Party1.1) (Version: 1.1 - megalol777)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 17.00.3000.1542 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.10.0.0136 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1305-148929CC1385}) (Version: 3.0.1305.0340 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{F6E38BB5-03FB-4886-AEEA-56D17597AAFC}) (Version: 17.0.1414.03 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{21de8cfa-6d1e-4bb2-bbe2-0bc64e82d547}) (Version: 17.0.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 17.0.3.0372 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 RC Redistributable (x64) - 11.0.50522 (HKLM-x32\...\{54ab72e3-5db0-419f-ab49-a3ae7464756c}) (Version: 11.0.50522.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Mobi File Reader (HKLM-x32\...\{FFA8548C-9BC2-427F-9F81-E64F620A30CB}_is1) (Version:  - mobifilereader.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.16.614.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7101 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 8.100.26629 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Smart Manager V3 Ver 3.7.2 (HKLM\...\Smart Manager V3) (Version: Ver 3.7.2 - GIGABYTE)
Smart Switch v1.4.7 (HKLM-x32\...\Smart Switch) (Version: v1.4.7 - GIGABYTE TECHNOLOGY CO.,LTD.)
Smart Update v2.2.1 (HKLM-x32\...\Smart Update) (Version: v2.2.1 - GIGABYTE TECHNOLOGY CO.,LTD.)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Wasteland 2 (HKLM-x32\...\Wasteland 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Windows Live 软件包 (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
사진 갤러리 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2360196803-1004120692-2307574895-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hieu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
27-09-2014 18:19:27 Windows Update
01-10-2014 13:10:20 Installed DirectX
09-10-2014 02:01:14 Scheduled Checkpoint
12-10-2014 10:09:35 Installed DirectX
13-10-2014 11:22:22 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-23 00:25 - 2014-05-16 22:40 - 00000854 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0152C3CF-064F-4EBA-AA20-1D47F0C4710B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {04AD0E36-6DA0-4BB8-AA38-6450F2722002} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {225B21B0-F517-424F-885E-D82F0F57F1BB} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {238272CA-E52F-43EC-B0FD-A6E766117F13} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hieutrunglam@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {261B6920-98C1-44BC-8683-38318C9A827D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {36837A21-485D-4A30-AED7-83A1076C1782} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-02-23] ()
Task: {36A99281-7CCC-4956-898B-18631326A522} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {62FB26BD-46B0-489A-A09E-CB975DA99BFE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {66030EE4-6DF7-4192-A572-094160FF0D69} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {73D8FCBC-813E-4ED1-B34D-AD6126E82934} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {83FC25AC-9461-41FA-8756-4CFF8D5750C8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E907939-43C6-4FC6-ABD0-E8A560C7FC17} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {8EE90D28-DC14-497B-8F5E-99A3AACBBC36} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B85442E5-7785-413C-AF5C-0431E6FA6DE9} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {BD18A6A2-D070-4760-95F5-FA399B2FC6C3} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {C2861B19-F728-414C-8277-5BA7883F8321} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-01-18] (Realtek Semiconductor)
Task: {CABDA101-04A6-45F1-BC40-643281E55E40} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FB9F0D1F-5DDE-4BD4-92BE-ED664CB93D54} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-23 16:26 - 2014-02-22 20:49 - 00107520 _____ () D:\DaemonToolsPro\DAEMON Tools Pro\BRD.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Hieu\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Sound, video and game controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMPPALR3 => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: BTHSSecurityMgr => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ElevateService => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: Intel® Wireless Bluetooth® 4.0 Radio Management => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: Update_Service => 2
MSCONFIG\Services: ZeroConfigService => 2
HKCU\...\StartupApproved\Run: => "KiesAirMessage"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2360196803-1004120692-2307574895-500 - Administrator - Disabled)
Guest (S-1-5-21-2360196803-1004120692-2307574895-501 - Limited - Disabled)
Hieu (S-1-5-21-2360196803-1004120692-2307574895-1003 - Administrator - Enabled) => C:\Users\Hieu
HomeGroupUser$ (S-1-5-21-2360196803-1004120692-2307574895-1007 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/26/2014 11:07:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DigitalEditions.exe, version: 3.0.0.0, time stamp: 0x52b0ff73
Faulting module name: rmsdk_wrapper.dll, version: 0.0.0.0, time stamp: 0x52b0ff62
Exception code: 0xc0000005
Fault offset: 0x00091921
Faulting process id: 0x550
Faulting application start time: 0xDigitalEditions.exe0
Faulting application path: DigitalEditions.exe1
Faulting module path: DigitalEditions.exe2
Report Id: DigitalEditions.exe3
Faulting package full name: DigitalEditions.exe4
Faulting package-relative application ID: DigitalEditions.exe5
 
 
System errors:
=============
Error: (10/27/2014 04:30:25 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:30:25 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:30:24 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:30:24 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:30:07 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:30:07 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:29:45 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/27/2014 04:29:37 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:29:37 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (10/27/2014 04:29:37 PM) (Source: DCOM) (EventID: 10005) (User: TIGERSIX)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
Microsoft Office Sessions:
=========================
Error: (10/26/2014 11:07:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DigitalEditions.exe3.0.0.052b0ff73rmsdk_wrapper.dll0.0.0.052b0ff62c00000050009192155001cff1156adb124eC:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exeC:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\rmsdk_wrapper.dllae243b62-5d08-11e4-803a-94de80a17482
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 5%
Total physical RAM: 16300.97 MB
Available physical RAM: 15325.02 MB
Total Pagefile: 32684.97 MB
Available Pagefile: 31809.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (SSD Alpha) (Fixed) (Total:217.45 GB) (Free:139.81 GB) NTFS
Drive d: (Warehouse Alpha) (Fixed) (Total:931.51 GB) (Free:393.31 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4263E73F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 4263E6D1)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Attached Files


Edited by JAFA5586, 27 October 2014 - 12:48 AM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 27 October 2014 - 10:54 AM

Your logs indicate you have pirated software on your computer. I am going to request the program be removed prior to our working on your infections. If you are willing to do that please let me know the program has been removed.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 27 October 2014 - 11:29 AM

Software has been removed. 



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 27 October 2014 - 11:50 AM

Thanks, please tell me if your symptoms remain while in Normal Boot.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 28 October 2014 - 10:15 AM

In Normal boot, the symptom changes to BSOD (power driver state failure)



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 28 October 2014 - 10:30 AM

OK, please boot into Safe Mode and attach the file dated today from this location:

C:\WINDOWS\Minidump
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 28 October 2014 - 11:34 PM

Gary

 

I'm having trouble uploading my crash dump file. It's bigger than maximum allowable attachements

 



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 29 October 2014 - 08:19 AM

Let's do the next best thing.

===================================================

BlueScreenView

----------
  • Download BlueScreenView and save it to your desktop
  • Double click the BlueScreenView.exe file then click OK
  • Select Run, Next, then Next again
  • Click Install
  • When the scanning is complete, select Edit and Select All
  • Then click File and Save Selected Items
  • Save the report as BSOD.txt
  • Open BSOD.txt in Notepad, copy the entire content and paste it into your next reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • BSOD report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 JAFA5586

JAFA5586
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 29 October 2014 - 03:10 PM

==================================================
Dump File         : 102914-14265-01.dmp
Crash Time        : 29/10/2014 2:11:34 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`8f6f0440
Parameter 3       : ffffd001`5ef5b930
Parameter 4       : ffffe001`93946a20
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153ca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153ca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\102914-14265-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 714,136
Dump File Time    : 29/10/2014 2:12:56 AM
==================================================
 
==================================================
Dump File         : 101314-7546-01.dmp
Crash Time        : 13/10/2014 10:37:10 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`c37a0060
Parameter 3       : fffff801`d9c60930
Parameter 4       : ffffe000`c4b06b80
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153ca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153ca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\101314-7546-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 665,360
Dump File Time    : 13/10/2014 11:41:19 PM
==================================================
 
==================================================
Dump File         : 091714-8359-01.dmp
Crash Time        : 17/09/2014 4:34:59 AM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : ffffe001`48f4e4d0
Parameter 2       : fffff801`bdbc9e2c
Parameter 3       : ffffffff`c000009a
Parameter 4       : 00000000`00000004
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+101fac
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153ca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\091714-8359-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 473,624
Dump File Time    : 17/09/2014 4:35:44 AM
==================================================
 
==================================================
Dump File         : 091714-7843-01.dmp
Crash Time        : 17/09/2014 4:28:56 AM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : ffffe001`7b1124d0
Parameter 2       : fffff800`fae64e2c
Parameter 3       : ffffffff`c000009a
Parameter 4       : 00000000`00000004
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+101fac
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153ca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\091714-7843-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 478,992
Dump File Time    : 17/09/2014 4:30:07 AM
==================================================
 
==================================================
Dump File         : 083014-8156-01.dmp
Crash Time        : 30/08/2014 10:18:25 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`bc798880
Parameter 3       : ffffd000`771db930
Parameter 4       : ffffe000`c5e79010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\083014-8156-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,135,808
Dump File Time    : 30/08/2014 10:25:42 PM
==================================================
 
==================================================
Dump File         : 082614-12734-01.dmp
Crash Time        : 26/08/2014 9:02:35 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`ef146060
Parameter 3       : fffff800`43250930
Parameter 4       : ffffe000`f461b550
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\082614-12734-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 505,472
Dump File Time    : 26/08/2014 9:03:33 PM
==================================================
 
==================================================
Dump File         : 082114-10343-01.dmp
Crash Time        : 21/08/2014 9:44:38 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`099223c0
Parameter 3       : ffffd001`06339930
Parameter 4       : ffffe001`114359a0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\082114-10343-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 785,312
Dump File Time    : 21/08/2014 10:43:39 PM
==================================================
 
==================================================
Dump File         : 081914-15343-01.dmp
Crash Time        : 19/08/2014 11:30:16 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`c698b630
Parameter 3       : ffffd001`af3e2c80
Parameter 4       : ffffe001`ce293b50
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\081914-15343-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 442,368
Dump File Time    : 19/08/2014 11:50:33 PM
==================================================
 
==================================================
Dump File         : 060214-8234-01.dmp
Crash Time        : 2/06/2014 4:37:38 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`bfe95390
Parameter 3       : ffffd000`fffea930
Parameter 4       : ffffe000`c7ffb010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\060214-8234-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,266,584
Dump File Time    : 2/06/2014 1:00:08 PM
==================================================
 
==================================================
Dump File         : 053014-8640-01.dmp
Crash Time        : 30/05/2014 2:49:31 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`5d1005b0
Parameter 3       : ffffd000`d9e73930
Parameter 4       : ffffe000`5fedccd0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\053014-8640-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,132,488
Dump File Time    : 30/05/2014 2:31:03 PM
==================================================
 
==================================================
Dump File         : 052914-7968-01.dmp
Crash Time        : 29/05/2014 6:26:58 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`b8b3a060
Parameter 3       : ffffd000`33f86930
Parameter 4       : ffffe001`be3f8010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\052914-7968-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 991,920
Dump File Time    : 29/05/2014 12:55:06 PM
==================================================
 
==================================================
Dump File         : 052814-7093-01.dmp
Crash Time        : 28/05/2014 2:50:22 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`b976e060
Parameter 3       : ffffd000`ee186930
Parameter 4       : ffffe001`be9df910
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\052814-7093-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,428,672
Dump File Time    : 28/05/2014 11:53:29 AM
==================================================
 
==================================================
Dump File         : 052714-7734-01.dmp
Crash Time        : 27/05/2014 4:47:55 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`de2f0060
Parameter 3       : ffffd001`15c73930
Parameter 4       : ffffe001`e58fc2c0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\052714-7734-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,377,640
Dump File Time    : 27/05/2014 4:49:49 PM
==================================================
 
==================================================
Dump File         : 052514-6593-01.dmp
Crash Time        : 25/05/2014 1:08:00 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`368ef060
Parameter 3       : fffff801`ede51930
Parameter 4       : ffffe000`3545c010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\052514-6593-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,095,544
Dump File Time    : 25/05/2014 4:34:17 PM
==================================================
 
==================================================
Dump File         : 052014-7859-01.dmp
Crash Time        : 20/05/2014 3:40:06 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`63f7d060
Parameter 3       : ffffd001`39b86930
Parameter 4       : ffffe000`6a2e7d00
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\052014-7859-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 988,720
Dump File Time    : 21/05/2014 12:36:06 AM
==================================================
 
==================================================
Dump File         : 051314-7093-01.dmp
Crash Time        : 13/05/2014 1:22:47 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe001`9511d4b0
Parameter 3       : ffffd000`75473930
Parameter 4       : ffffe001`933bbc10
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+153fa0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+153fa0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\051314-7093-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,058,856
Dump File Time    : 13/05/2014 1:24:08 AM
==================================================
 
==================================================
Dump File         : 041514-6625-01.dmp
Crash Time        : 15/04/2014 9:32:57 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02578060
Parameter 3       : ffffd000`207f1840
Parameter 4       : ffffe000`0acd53a0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\041514-6625-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,061,456
Dump File Time    : 15/04/2014 9:34:01 PM
==================================================
 
==================================================
Dump File         : 041214-6203-01.dmp
Crash Time        : 11/04/2014 11:19:12 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`023ad060
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`0a106ca0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\041214-6203-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 933,872
Dump File Time    : 12/04/2014 5:16:18 PM
==================================================
 
==================================================
Dump File         : 040914-6093-01.dmp
Crash Time        : 9/04/2014 7:31:50 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02575760
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`0104d7a0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040914-6093-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 931,888
Dump File Time    : 10/04/2014 12:11:43 AM
==================================================
 
==================================================
Dump File         : 040914-6343-01.dmp
Crash Time        : 9/04/2014 2:12:00 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02574060
Parameter 3       : ffffd000`2086c840
Parameter 4       : ffffe000`00ba12f0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040914-6343-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 930,848
Dump File Time    : 9/04/2014 6:14:13 PM
==================================================
 
==================================================
Dump File         : 040914-5921-01.dmp
Crash Time        : 9/04/2014 4:49:22 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02578060
Parameter 3       : ffffd000`2086c840
Parameter 4       : ffffe000`0ab5f7c0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040914-5921-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 933,256
Dump File Time    : 9/04/2014 4:50:28 AM
==================================================
 
==================================================
Dump File         : 040914-6078-01.dmp
Crash Time        : 9/04/2014 1:58:42 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02576060
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`01625680
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040914-6078-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 912,488
Dump File Time    : 9/04/2014 2:00:09 AM
==================================================
 
==================================================
Dump File         : 040714-6656-01.dmp
Crash Time        : 7/04/2014 6:47:30 PM
Bug Check String  : DRIVER_VERIFIER_IOMANAGER_VIOLATION
Bug Check Code    : 0x000000c9
Parameter 1       : 00000000`0000023e
Parameter 2       : fffff800`01b68324
Parameter 3       : ffffcf80`2354cea0
Parameter 4       : 00000000`00000000
Caused By Driver  : dtsoftbus01.sys
Caused By Address : dtsoftbus01.sys+1324
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040714-6656-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 262,192
Dump File Time    : 7/04/2014 5:50:06 PM
==================================================
 
==================================================
Dump File         : 040314-5562-01.dmp
Crash Time        : 3/04/2014 12:07:16 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02576620
Parameter 3       : ffffd000`208ea840
Parameter 4       : ffffe000`010950e0
Caused By Driver  : hal.dll
Caused By Address : hal.dll+64ff
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040314-5562-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 921,944
Dump File Time    : 3/04/2014 12:07:47 AM
==================================================
 
==================================================
Dump File         : 040114-5421-01.dmp
Crash Time        : 1/04/2014 9:37:09 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02395060
Parameter 3       : ffffd000`206b5840
Parameter 4       : ffffe000`0a187be0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040114-5421-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 640,112
Dump File Time    : 1/04/2014 9:37:45 PM
==================================================
 
==================================================
Dump File         : 040114-6015-01.dmp
Crash Time        : 1/04/2014 12:21:51 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`05a9a880
Parameter 3       : fffff803`8780b840
Parameter 4       : ffffe000`01967c10
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040114-6015-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,046,168
Dump File Time    : 1/04/2014 2:59:14 PM
==================================================
 
==================================================
Dump File         : 040114-5781-02.dmp
Crash Time        : 1/04/2014 12:00:33 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02576830
Parameter 3       : fffff803`81bf1840
Parameter 4       : ffffe000`00ef7cc0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040114-5781-02.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,020,600
Dump File Time    : 1/04/2014 12:01:23 PM
==================================================
 
==================================================
Dump File         : 040114-5781-01.dmp
Crash Time        : 1/04/2014 11:26:55 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02567060
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`00b8c420
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\040114-5781-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,016,240
Dump File Time    : 1/04/2014 11:28:05 AM
==================================================
 
==================================================
Dump File         : 033114-5984-01.dmp
Crash Time        : 31/03/2014 5:21:30 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02576060
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`00adf890
Caused By Driver  : hal.dll
Caused By Address : hal.dll+64ff
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\033114-5984-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 993,752
Dump File Time    : 31/03/2014 5:22:55 PM
==================================================
 
==================================================
Dump File         : 033014-7015-01.dmp
Crash Time        : 30/03/2014 12:55:38 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02556720
Parameter 3       : ffffd000`20772840
Parameter 4       : ffffe000`01240010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\033014-7015-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,020,056
Dump File Time    : 30/03/2014 12:56:57 AM
==================================================
 
==================================================
Dump File         : 032814-5703-01.dmp
Crash Time        : 28/03/2014 11:15:53 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`025bb060
Parameter 3       : ffffd000`20678840
Parameter 4       : ffffe000`016a2010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\032814-5703-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,049,024
Dump File Time    : 28/03/2014 11:20:12 PM
==================================================
 
==================================================
Dump File         : 032414-5000-01.dmp
Crash Time        : 24/03/2014 1:39:50 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`0259f880
Parameter 3       : fffff801`00e18840
Parameter 4       : ffffe000`0a3ebe10
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\032414-5000-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 971,280
Dump File Time    : 24/03/2014 1:40:26 AM
==================================================
 
==================================================
Dump File         : 031814-7093-01.dmp
Crash Time        : 18/03/2014 5:17:44 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02571880
Parameter 3       : ffffd000`20678840
Parameter 4       : ffffe000`01badbe0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\031814-7093-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 905,856
Dump File Time    : 18/03/2014 5:18:18 PM
==================================================
 
==================================================
Dump File         : 031514-6375-01.dmp
Crash Time        : 15/03/2014 4:20:04 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02575060
Parameter 3       : ffffd000`2086c840
Parameter 4       : ffffe000`01805010
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\031514-6375-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,000,256
Dump File Time    : 15/03/2014 11:50:36 AM
==================================================
 
==================================================
Dump File         : 031414-5484-01.dmp
Crash Time        : 14/03/2014 3:45:58 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02398780
Parameter 3       : ffffd000`20678840
Parameter 4       : ffffe000`0961a2d0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\031414-5484-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,016,176
Dump File Time    : 14/03/2014 5:47:43 PM
==================================================
 
==================================================
Dump File         : 031314-5984-01.dmp
Crash Time        : 13/03/2014 6:58:35 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`025565c0
Parameter 3       : ffffd000`20806b90
Parameter 4       : ffffe000`00a8d910
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\031314-5984-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 1,033,528
Dump File Time    : 13/03/2014 6:59:16 PM
==================================================
 
==================================================
Dump File         : 031214-5218-01.dmp
Crash Time        : 12/03/2014 1:24:43 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02574060
Parameter 3       : ffffd000`2073c840
Parameter 4       : ffffe000`081650b0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\031214-5218-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 664,112
Dump File Time    : 12/03/2014 1:25:23 AM
==================================================
 
==================================================
Dump File         : 030414-7171-01.dmp
Crash Time        : 4/03/2014 3:05:26 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`02573060
Parameter 3       : ffffd000`2068db90
Parameter 4       : ffffe000`05d61c10
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\030414-7171-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 922,288
Dump File Time    : 4/03/2014 3:05:58 AM
==================================================
 
==================================================
Dump File         : 030414-6625-01.dmp
Crash Time        : 4/03/2014 2:37:18 AM
Bug Check String  : 
Bug Check Code    : 0x00000133
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`00001e00
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : hal.dll
Caused By Address : hal.dll+538b0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\030414-6625-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 298,840
Dump File Time    : 4/03/2014 2:37:52 AM
==================================================
 
==================================================
Dump File         : 030314-5578-01.dmp
Crash Time        : 3/03/2014 3:50:33 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : ffffe000`025c2060
Parameter 3       : ffffd000`2068db90
Parameter 4       : ffffe000`008a53a0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\030314-5578-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 977,384
Dump File Time    : 3/03/2014 3:51:04 PM
==================================================
 
==================================================
Dump File         : 022614-6500-01.dmp
Crash Time        : 26/02/2014 1:27:33 AM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000010
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff801`846b5c38
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dca0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\022614-6500-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 290,408
Dump File Time    : 26/02/2014 1:28:04 AM
==================================================
 
==================================================
Dump File         : 022614-6375-01.dmp
Crash Time        : 26/02/2014 1:17:40 AM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000010
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff801`9cc36c38
Caused By Driver  : BHDrvx64.sys
Caused By Address : BHDrvx64.sys+e809c
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\022614-6375-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 291,352
Dump File Time    : 26/02/2014 1:18:12 AM
==================================================
 
==================================================
Dump File         : 022514-6781-01.dmp
Crash Time        : 25/02/2014 2:04:07 PM
Bug Check String  : 
Bug Check Code    : 0x00000113
Parameter 1       : 00000000`00000019
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`000010de
Parameter 4       : 00000000`000011e2
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+39ca
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dca0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\022514-6781-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 287,464
Dump File Time    : 25/02/2014 2:04:57 PM
==================================================


#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 29 October 2014 - 06:10 PM

Please attempt a System Restore to see if you can get the computer to boot normally.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 01 November 2014 - 11:00 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users