Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ESLWire Steam Scam (Computer Infected?)


  • Please log in to reply
21 replies to this topic

#1 batchelormaxdb

batchelormaxdb

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 13 July 2015 - 03:45 PM

Hello, I am extremely worried that my computer may be infected. About a month ago I installed a file from a website that was supposed to allow me to receive an anti-cheat for a steam game. Turns out, it did nothing but install a bunch of hidden files. Later on in that day a tab in chrome opened up on its own, to my email. Inside the email was a link to trade all of my steam items to a complete stranger, my mouse moved on its own and clicked rapidly, opening and closing tabs, then it was disabled. I have since tried to remove this file that I downloaded, but I have no clue where to look for it, or if there are any other files on my computer that it may have hidden. I do not care for my steam items, but I would like for this to be removed. I have ran MalwareBytes, and Avast, but they have found nothing.

 

Please help. :)



BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 13 July 2015 - 04:08 PM

Hello and welcome,

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

---------------

Download Security Check from here or here and save it to your Desktop.

§  Double-click SecurityCheck.exe

§  Follow the onscreen instructions inside of the black box.

§  Notepad document should open automatically called checkup.txt; please post the contents of that document.

------

ESET Online Scanner

§  Click here to download the installer for ESET Online Scanner and save it to your Desktop.

§  Disable all your antivirus and antimalware software - see how to do that here.

§  Right click on esetsmartinstaller_enu.exe and select Run as Administrator.

§  Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.

§  Select Enable detection of potentially unwanted applications.

§  Click Advanced Settings, then place a checkmark in the following:

o    Remove found threats

o    Scan archives

o    Scan for potentially unsafe applications

o    Enable Anti-Stealth technology

§  Click Start to begin scanning.

§  ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.

§  When the scan is done, click List threats (only available if ESET Online Scanner found something).

§  Click Export, then save the file to your desktop.

Click Back, then Finish to exit ESET Online Scanner.

-----

Download  Malwarebytes Anti-Rootkit (MBAR) to your desktop.

 

§  Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.

§  Double click on downloaded file. OK self extracting prompt.

§  MBAR will start. Click "Next" to continue.

§  Click in the following screen "Update" to obtain the latest malware definitions.

§  Once the update is complete select "Next" and click "Scan".

§  When the scan is finished and no malware has been found select "Exit".

§  If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.

§  Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:

§  "mbar-log-{date} (xx-xx-xx).txt"

§  "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

-----

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  Click on Scan button.

§  When the scan has finished click on Clean button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[S0].txt as well.

------

Please download Junkware Removal Tool to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

----

 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 01:50 AM

Alright, I have ran everything you asked me to. :)
 
Here is MiniToolbox:
 
MiniToolBox by Farbar  Version: 01-07-2015
Ran by batchelormaxdb (administrator) on 13-07-2015 at 14:26:11
Running from "C:\Users\batchelormaxdb\Downloads"
Microsoft Windows 8 Pro  (X64)
Model: MS-7918 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MAX
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 44-8A-5B-D1-B0-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1c2:4801:276:896c:67f0:aa39:c4ae(Preferred) 
   Lease Obtained. . . . . . . . . . : Monday, July 13, 2015 12:04:16 PM
   Lease Expires . . . . . . . . . . : Thursday, July 16, 2015 10:48:32 PM
   IPv6 Address. . . . . . . . . . . : 2601:1c2:4801:276:eccf:e3d3:7df4:3a76(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:1c2:4801:276:a172:3ac5:fee2:227d(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::eccf:e3d3:7df4:3a76%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.15(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, July 12, 2015 7:32:41 PM
   Lease Expires . . . . . . . . . . : Monday, July 20, 2015 12:04:05 PM
   Default Gateway . . . . . . . . . : fe80::ba9b:c9ff:feb6:dfd2%12
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 256150107
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-74-54-2B-44-8A-5B-D1-B0-2B
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.wa.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    google.com
Addresses:  2607:f8b0:400a:806::200e
 173.194.33.167
 173.194.33.165
 173.194.33.164
 173.194.33.174
 173.194.33.160
 173.194.33.169
 173.194.33.161
 173.194.33.162
 173.194.33.168
 173.194.33.163
 173.194.33.166
 
 
Pinging google.com [2607:f8b0:400a:804::1002] with 32 bytes of data:
Reply from 2607:f8b0:400a:804::1002: time=16ms 
Reply from 2607:f8b0:400a:804::1002: time=17ms 
 
Ping statistics for 2607:f8b0:400a:804::1002:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 17ms, Average = 16ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Reply from 2001:4998:44:204::a7: time=71ms 
Reply from 2001:4998:44:204::a7: time=70ms 
 
Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 70ms, Maximum = 71ms, Average = 70ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...44 8a 5b d1 b0 2b ......Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.15     10
         10.0.0.0    255.255.255.0         On-link         10.0.0.15    266
        10.0.0.15  255.255.255.255         On-link         10.0.0.15    266
       10.0.0.255  255.255.255.255         On-link         10.0.0.15    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.15    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.15    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    266 ::/0                     fe80::ba9b:c9ff:feb6:dfd2
  1    306 ::1/128                  On-link
 12    266 2601:1c2:4801:276::/64   On-link
 12    266 2601:1c2:4801:276:896c:67f0:aa39:c4ae/128
                                    On-link
 12    266 2601:1c2:4801:276:a172:3ac5:fee2:227d/128
                                    On-link
 12    266 2601:1c2:4801:276:eccf:e3d3:7df4:3a76/128
                                    On-link
 12    266 fe80::/64                On-link
 12    266 fe80::eccf:e3d3:7df4:3a76/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 D.7.2.2.2.E.E.F.5.C.A.3.2.7.1.A.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 D.7.2.2.2.E.E.F.5.C.A.3.2.7.1.A.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 15.0.0.10.in-addr.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 15.0.0.10.in-addr.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:45 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname MAX.local already in use; will try MAX-2.local instead
 
Error: (07/13/2015 00:26:45 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 MAX.local. AAAA 2601:01C2:4801:0276:ECCF:E3D3:7DF4:3A76
 
 
System errors:
=============
Error: (07/12/2015 11:42:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/12/2015 11:42:07 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/12/2015 04:06:38 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
 
Error: (07/11/2015 08:42:49 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (07/11/2015 04:29:36 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/11/2015 04:29:35 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/11/2015 03:16:51 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/10/2015 04:38:39 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/09/2015 10:09:20 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (07/09/2015 09:29:34 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
 
Microsoft Office Sessions:
=========================
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 D.7.2.2.2.E.E.F.5.C.A.3.2.7.1.A.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 D.7.2.2.2.E.E.F.5.C.A.3.2.7.1.A.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 6.7.A.3.4.F.D.7.3.D.3.E.F.C.C.E.6.7.2.0.1.0.8.4.2.C.1.0.1.0.6.2.ip6.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 15.0.0.10.in-addr.arpa. PTR MAX-2.local.
 
Error: (07/13/2015 00:26:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.15:5353   11 15.0.0.10.in-addr.arpa. PTR MAX.local.
 
Error: (07/13/2015 00:26:45 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname MAX.local already in use; will try MAX-2.local instead
 
Error: (07/13/2015 00:26:45 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 MAX.local. AAAA 2601:01C2:4801:0276:ECCF:E3D3:7DF4:3A76
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
ArcheAge (HKLM-x32\...\Steam App 304030) (Version:  - XLGAMES)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Gyazo 3.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{08B90A20-95D3-4725-84B9-AF6553E06C4F}) (Version: 5.0.10.2850 - Intel Corporation)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.67 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.3 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150516.109666 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{CCD797F1-171F-4B3A-BD30-4F59F653E1A0}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{F45761DC-2470-47FF-9E9B-F4016568C29A}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{4692B750-DE88-4DCF-9163-745AF5604B24}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.9.2834.0 - Hi-Rez Studios)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Spotify (HKCU\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C01\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\5
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\VID_1532&PID_0203&MI_01&COL02\7&34D3CB3A&0&0001
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3394\2&DABA3FF&1
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_1
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_2
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_3
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_4
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_5
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_6
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_7
 
Name: Intel® Core™ i7-4770 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4770_CPU_@_3.40GHZ\_8
 
Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Description: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: Ke2200
Device ID: PCI\VEN_1969&DEV_E091&SUBSYS_79181462&REV_13\4&2FDA04A&0&00E2
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\0
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\1
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\2
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\3
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\4
 
Name: Logitech Gaming USB Device
Description: Logitech Gaming USB Device
Class Guid: 
Manufacturer: 
Service: 
Device ID: {5D41F0D0-D781-42FA-8785-D3DE4AC67658}\VID_046D&PID_C24C&REV_8300&MI_00&USBFILT\7&D23047F&0&00
 
Name: ACPI Processor Aggregator
Description: ACPI Processor Aggregator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: acpipagr
Device ID: ACPI\ACPI000C\2&DABA3FF&1
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: NVIDIA GeForce GTX 960
Description: NVIDIA GeForce GTX 960
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Device ID: PCI\VEN_10DE&DEV_1401&SUBSYS_29663842&REV_A1\4&176C8DF9&0&0008
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&6A02F83&0
 
Name: Logitech Gaming HID Device
Description: Logitech Gaming HID Device
Class Guid: 
Manufacturer: 
Service: 
Device ID: {A94D85F1-0D06-4254-A172-2ADBECB23AB9}\VID_046D&PID_C24C&REV_8300&MI_00&LGSHIDFILT\8&D5C8AE9&0&00
 
Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_046D&PID_C24C&MI_01\7&30FA4241&0&0000
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0E\2&DABA3FF&1
 
Name: Intel® USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: Intel® 9 Series Chipset Family USB xHCI Host Controller  - 8CB1
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_8086&DEV_8CB1&SUBSYS_79181462&REV_00\3&11583659&0&A0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{C8BC752A-53E5-11E2-BE65-806E6F6E6963}#000000056D200000
 
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIP\0000
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_046D&PID_C24C&MI_01\6&1532E4EC&0&0001
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ00
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ01
 
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: ROOT\MS_SSTPMINIPORT\0000
 
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: ROOT\MS_AGILEVPNMINIPORT\0000
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&5E82B1B&0
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8001\5&24FBAA04&0&1
 
Name: Printer Port Logical Interface
Description: Printer Port Logical Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: LPTENUM\MICROSOFTRAWPORT\5&276CEDBF&0&LPT1
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
 
Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_1532&PID_0203&MI_01&COL03\7&34D3CB3A&0&0002
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_8CBA&SUBSYS_79181462&REV_00\3&11583659&0&B0
 
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_046D&PID_C231\2&1652C37&0&0000
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: Intel® 4th Gen Core processor DRAM Controller - 0C00
Description: Intel® 4th Gen Core processor DRAM Controller - 0C00
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: PCI\VEN_8086&DEV_0C00&SUBSYS_79181462&REV_06\3&11583659&0&00
 
Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Device ID: ACPI\PNP0501\1
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{AF023001-E0B1-4934-B8E8-D92D736469BE}
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT6
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&17FD5F55&0
 
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIPV6\0000
 
Name: Intel® 9 Series Chipset Family SMBus Host Controller  - 8CA2
Description: Intel® 9 Series Chipset Family SMBus Host Controller  - 8CA2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_8CA2&SUBSYS_79181462&REV_00\3&11583659&0&FB
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&17FD5F55&0
 
Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&25002717&0&0
 
Name: Intel® 9 Series Chipset Family PCI Express Root Port 1 - 8C90
Description: Intel® 9 Series Chipset Family PCI Express Root Port 1 - 8C90
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C90&SUBSYS_79181462&REV_D0\3&11583659&0&E0
 
Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Device ID: HID\VID_1532&PID_0203&MI_00\7&301F62F6&0&0000
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8009\5&20E8EC&0&1
 
Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{33EDF50C-D2F9-4741-B5A8-CB21A973E269}
 
Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_1532&PID_0203&MI_01&COL04\7&34D3CB3A&0&0003
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3F0D\4&17FD5F55&0
 
Name: Intel® Z97 Chipset LPC Controller  - 8CC4
Description: Intel® Z97 Chipset LPC Controller  - 8CC4
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_8CC4&SUBSYS_79181462&REV_00\3&11583659&0&F8
 
Name: Logitech Gaming Virtual Mouse
Description: Logitech Gaming Virtual Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: LGVirHid
Device ID: LOGIDEVICE\VID_046D&PID_C231\1&79F5D87&0&49713
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&17FD5F55&0
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: ST1000DM003-1CH162
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_&PROD_ST1000DM003-1CH1\4&BB36D01&0&010000
 
Name: Razer BlackWidow Chroma
Description: Razer BlackWidow Chroma
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Razer Inc
Service: HidUsb
Device ID: USB\VID_1532&PID_0203&MI_00\6&122A57DF&0&0000
 
Name: Send To OneNote 2013
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{241F9927-E453-4DC3-B019-3D78FBCBD40E}
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_10DE&DEV_0FBA&SUBSYS_29663842&REV_A1\4&176C8DF9&0&0108
 
Name: Logitech Optical Gaming Mouse G400s
Description: Logitech Optical Gaming Mouse G400s
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: mouhid
Device ID: HID\VID_046D&PID_C24C&MI_00\7&D23047F&0&0000
 
Name: Printer Port (LPT1)
Description: Printer Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Parport
Device ID: ACPI\PNP0400\4&17FD5F55&0
 
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: ROOT\MS_PPTPMINIPORT\0000
 
Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_79181462&REV_D0\3&11583659&0&E3
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&1
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0001
 
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANBH\0000
 
Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_1532&PID_0203&MI_01&COL05\7&34D3CB3A&0&0004
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{C8BC752A-53E5-11E2-BE65-806E6F6E6963}#0000000000007E00
 
Name: Realtek Digital Output (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{775A771C-6BCE-4718-8AF6-7D3CE6CC309A}
 
Name: Intel® 9 Series Chipset Family SATA AHCI Controller  - 8C82
Description: Intel® 9 Series Chipset Family SATA AHCI Controller  - 8C82
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Device ID: PCI\VEN_8086&DEV_8C82&SUBSYS_79181462&REV_00\3&11583659&0&FA
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\10
 
Name: Logitech Gaming Virtual Keyboard
Description: Logitech Gaming Virtual Keyboard
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: LGVirHid
Device ID: LOGIDEVICE\VID_046D&PID_C232\1&79F5D87&0&49714
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\MXM2
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C04\4&17FD5F55&0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{C8BC752A-53E5-11E2-BE65-806E6F6E6963}#0000000002800000
 
Name: Intel® Smart Connect Technology Device
Description: Intel® Smart Connect Technology Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: ISCT
Device ID: ACPI\INT33A0\0
 
Name: Intel® 9 Series Chipset Family USB Enhanced Host Controller  - 8CAD
Description: Intel® 9 Series Chipset Family USB Enhanced Host Controller  - 8CAD
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_8086&DEV_8CAD&SUBSYS_79181462&REV_00\3&11583659&0&D0
 
Name: Razer BlackWidow Chroma
Description: Razer BlackWidow Chroma
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Razer Inc
Service: HidUsb
Device ID: USB\VID_1532&PID_0203&MI_01\6&122A57DF&0&0001
 
Name: PLDS DVD+-RW DH-16ACS
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_PLDS&PROD_DVD+-RW_DH-16ACS\4&BB36D01&0&000000
 
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Device ID: ROOT\UNNAMED_DEVICE\0000
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{833C86E7-82A2-46C0-A86C-16EF356F0B9D}
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\AA
 
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: ROOT\MS_L2TPMINIPORT\0000
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\FNI0000\5&34D2970&0&UID1048849
 
Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1B21&DEV_1080&SUBSYS_78161462&REV_03\4&142B10B&0&00E3
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: ROOT\MS_PPPOEMINIPORT\0000
 
Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&17FD5F55&0
 
Name: Razer BlackWidow Chroma
Description: Razer BlackWidow Chroma
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Razer Inc
Service: kbdhid
Device ID: HID\VID_1532&PID_0203&MI_01&COL01\7&34D3CB3A&0&0000
 
Name: Intel® 9 Series Chipset Family High Definition Audio Controller  - 8CA0
Description: Intel® 9 Series Chipset Family High Definition Audio Controller  - 8CA0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_8CA0&SUBSYS_D9181462&REV_00\3&11583659&0&D8
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\111
 
Name: Intel® 9 Series Chipset Family USB Enhanced Host Controller  - 8CA6
Description: Intel® 9 Series Chipset Family USB Enhanced Host Controller  - 8CA6
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_8086&DEV_8CA6&SUBSYS_79181462&REV_00\3&11583659&0&E8
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0900&SUBSYS_1462D918&REV_1000\4&1FBA59CC&0&0001
 
Name: Intel® 9 Series Chipset Family PCI Express Root Port 3  - 8C94
Description: Intel® 9 Series Chipset Family PCI Express Root Port 3  - 8C94
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C94&SUBSYS_79181462&REV_D0\3&11583659&0&E2
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\TBFP
 
Name: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
Description: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_0C01&SUBSYS_79181462&REV_06\3&11583659&0&08
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_1532&PID_0203&MI_02\6&122A57DF&0&0002
 
Name: LCD TV-4 (2- NVIDIA High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{8FC0A3D4-2641-4C5F-948B-8FDB9756C35D}
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&17FD5F55&0
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: Logitech GamePanel Virtual Bus Enumerator
Description: Logitech GamePanel Virtual Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: LGBusEnum
Device ID: ROOT\SYSTEM\0001
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_046D&PID_C24C\5&18F65433&0&6
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{8B164225-43E2-473F-B32C-CD2DA77617C7}
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: Razer BlackWidow Chroma
Description: Razer BlackWidow Chroma
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Razer Inc
Service: mouhid
Device ID: HID\VID_1532&PID_0203&MI_02\7&10FC8D78&0&0000
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_1532&PID_0203\5&18F65433&0&5
 
Name: Logitech Gaming USB Mouse G400s
Description: Logitech Gaming USB Mouse G400s
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Logitech
Service: HidUsb
Device ID: USB\VID_046D&PID_C24C&MI_00\6&1532E4EC&0&0000
 
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0072&SUBSYS_38422966&REV_1001\5&3B1C63B5&0&0001
 
Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Device ID: HID\VID_046D&PID_C232\2&1928B87C&0&0000
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 40%
Total physical RAM: 8143.63 MB
Available physical RAM: 4833.11 MB
Total Virtual: 9359.63 MB
Available Virtual: 5423.82 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:909.81 GB) (Free:451.14 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MAX
 
Administrator            batchelormaxdb           Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
26-06-2015 18:32:44 Windows Update
01-07-2015 01:37:57 avast! antivirus system restore point
05-07-2015 09:58:31 Installed DirectX
12-07-2015 23:14:52 Scheduled Checkpoint
 
**** End of log ****
 
Here is securitycheck:
 
 Results of screen317's Security Check version 1.005  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player  10.3.183.90 Flash Player out of Date!  
 Google Chrome (43.0.2357.130) 
 Google Chrome (43.0.2357.132) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
Malwarebytes:
 
mbar-log:
 
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
 
Database version:
  main:    v2015.07.13.06
  rootkit: v2015.07.10.01
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.17377
batchelormaxdb :: MAX [administrator]
 
7/13/2015 5:34:37 PM
mbar-log-2015-07-13 (17-34-37).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 343154
Time elapsed: 12 minute(s), 17 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
System-log:
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.17377
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.400000 GHz
Memory total: 8539213824, free: 4685172736
 
Downloaded database version: v2015.07.13.06
Downloaded database version: v2015.07.10.01
Downloaded database version: v2015.07.01.02
=======================================
Initializing...
------------ Kernel report ------------
     07/13/2015 17:34:31
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\bwcW8x64.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\e22w8x64.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\parport.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\ISCTD.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\rzendpt.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\system32\DRIVERS\ikbevent.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\rzudd.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\imsevent.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\LGSUsbFilt.Sys
\SystemRoot\system32\DRIVERS\LGSHidFilt.Sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\??\C:\Windows\system32\drivers\rzpnk.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
\??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\System32\Drivers\INETMON.sys
\SystemRoot\system32\drivers\LGVirHid.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\drivers\aswStm.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2015.07.13.06
  rootkit: v2015.07.10.01
 
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80089ce060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80089ceb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089ce060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80077c9c30, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800879a7c0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80077c9060, DeviceName: \Device\00000045\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 956D7626
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920  Numsec = 45436928
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 45518848  Numsec = 1908002816
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\Grimefighter.log" is compressed (flags = 1)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-81920-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
AdwCleaner:
 
# AdwCleaner v3.214 - Report created 01/07/2014 at 02:40:22
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MAX - MAX-PC
# Running from : C:\Users\MAX\Downloads\adwcleaner_3.214.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Users\MAX\AppData\Roaming\hotspot shield
File Deleted : C:\Users\MAX\AppData\Roaming\Mozilla\Firefox\Profiles\wyqfp1hx.default\invalidprefs.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\anchorfree
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\MAX\AppData\Roaming\Mozilla\Firefox\Profiles\wyqfp1hx.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\MAX\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1195 octets] - [01/07/2014 02:39:27]
AdwCleaner[S0].txt - [1384 octets] - [01/07/2014 02:40:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1444 octets] ##########
# AdwCleaner v4.208 - Logfile created 13/07/2015 at 23:40:41
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [Server]
# Operating system : Windows 8 Pro  (x64)
# Username : batchelormaxdb - MAX
# Running from : C:\Users\batchelormaxdb\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17377
 
 
-\\ Google Chrome v43.0.2357.132
 
 
*************************
 
AdwCleaner[R0].txt - [2099 bytes] - [01/07/2014 02:39:27]
AdwCleaner[S0].txt - [2296 bytes] - [01/07/2014 02:40:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2355  bytes] ##########
 
Junkware Removal:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.7 (07.13.2015:1)
OS: Windows 8 Pro x64
Ran by batchelormaxdb on Mon 07/13/2015 at 23:46:49.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C8D2D1BB358C29F35DCB1B585665B550
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\batchelormaxdb\appdata\local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\batchelormaxdb\appdata\local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\batchelormaxdb\appdata\local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage
Successfully deleted: [File] C:\Users\batchelormaxdb\appdata\local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\batchelormaxdb\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\batchelormaxdb\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\batchelormaxdb\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\batchelormaxdb\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/13/2015 at 23:48:28.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#4 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 03:26 AM

Can you tell me more about hidden files?

ESET found nothing?

Can you tell me the name of that file, downloaded file?

--------

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

§  Make sure the following options are checked:
 

o    Internet Services

o    Windows Firewall

o    System Restore

o    Security Center/Action Center

o    Windows Update

o    Windows Defender

o    Other Services

§  Press "Scan".

§  It will create a log (FSS.txt) in the same directory the tool is run.

§  Please copy and paste the log to your reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#5 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 04:15 AM

Sure, I noticed this morning that there was a file I could not see in my Roaming folder. I was alerted of this because my firewall let me know of a "clock.exe" file in a folder labelled "Schema" in my Roaming folder. I went to look at this, but could not find said folder. 

 

ESET found three items, and quarantined them.

 

C:\Users\batchelormaxdb\Downloads\skypelogview (1).zip a variant of Win32/SkypeLogView.A potentially unsafe application deleted - quarantined
C:\Users\batchelormaxdb\Downloads\skypelogview.zip a variant of Win32/SkypeLogView.A potentially unsafe application deleted - quarantined
C:\Users\batchelormaxdb\Downloads\skypelogview (1)\SkypeLogView.exe a variant of Win32/SkypeLogView.A potentially unsafe application cleaned by deleting - quarantined
 
The file was from a website called UCPSteam(dot)com, and it had a similar title to the website, but I have deleted the file since then, and do not remember the name fully.
 
Here is the log:
 
Farbar Service Scanner Version: 17-01-2015
Ran by batchelormaxdb (administrator) on 14-07-2015 at 02:14:51
Running from "C:\Users\batchelormaxdb\Downloads"
Microsoft Windows 8 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 04:52 AM

Was the file path like this: C:\Users\*\AppData\Roaming\Schema\clock.exe

 

Try to find that file by using administrator privileges.

 

Can you find that file? If yes, upload it to virustotal.com


Edited by severac, 14 July 2015 - 04:53 AM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#7 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 04:53 AM

I was able to un-hide the hidden folder, and it was created on the date that this whole incident started. It contains the "clock.exe" file, and nothing else that I am able to see.



#8 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 04:57 AM

Upload it to virustotal.com and check. 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#9 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 05:00 AM

I did the upload, and it is coming across as probably safe, there are 3 votes for malicious and 0 for harmless. However, the authentication page is saying that is was made by NetSupport, and originally named client32.exe. NetSupport showed up at least once in the file that I downloaded. I am fairly certain that I was hijacked by someone using NetSupport.


Edited by batchelormaxdb, 14 July 2015 - 05:03 AM.


#10 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 05:08 AM

Can you post me the virustotal scan results link? 


Edited by severac, 14 July 2015 - 05:08 AM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#11 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 05:10 AM

https://www.virustotal.com/en/file/c9aef58c5a639778b2f83495d30a4a9466d79e70b2d089cffb9e1974d335b4ed/analysis/



#12 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 05:14 AM

You didn't use scan again?

 

 

Analysis date: 2015-06-15 03:51:23 UTC ( 4 weeks, 1 day ago )

 

Which file did you upload?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#13 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 05:20 AM

Sorry, I have scanned it now. :)



#14 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:02:32 PM

Posted 14 July 2015 - 05:31 AM

So, you have uploaded file named clock.exe from C:\Users\*\AppData\Roaming\Schema\clock.exe  and virustotal.com says it is clean?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#15 batchelormaxdb

batchelormaxdb
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 14 July 2015 - 05:32 AM

So, you have uploaded file named clock.exe from C:\Users\*\AppData\Roaming\Schema\clock.exe  and virustotal.com says it is clean?

 

Yes, it is saying that it is "Probably harmless! There are strong indicators suggesting that this file is safe to use."






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users