Jump to content

benggarth

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Everything's working! Thanks so much what was the problem?
  2. Hi borislav. here is the fixlog: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01 Ran by Ben at 2014-01-02 20:02:29 Run:1 Running from C:\Users\Ben\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [YpccPack] - regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll <===== ATTENTION 2013-12-26 20:49 - 2013-12-26 20:49 -00000000 ____D C:Users\Ben\AppData\Local\YpccPack C:\Users\Ben\AppData\Local\Temp\htmlayout.dll ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\YpccPack => Value deleted successfully. "2013-12-26 20:49 - 2013-12-26 20:49 -00000000 ____D C:Users\Ben\AppData\Local\YpccPack" => File/Directory not found. C:\Users\Ben\AppData\Local\Temp\htmlayout.dll => Moved successfully. ==== End of Fixlog ====
  3. Here is also the addition log as I am unable to attach it as a file from my phone: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01 Ran by Ben at 2013-12-29 23:23:22 Running from C:\Users\Ben\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) „Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Adobe Reader X (10.1.8) (x32 Version: 10.1.8 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.) aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) AMD Accelerated Video Transcoding (Version: 12.5.100.20928 - Advanced Micro Devices, Inc.) AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) AMD Catalyst Install Manager (Version: 8.0.891.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) AMD Media Foundation Decoders (Version: 1.0.70405.0823 - Advanced Micro Devices, Inc.) AMD Steady Video Plug-In (Version: 2.03.0000 - AMD) AMD VISION Engine Control Center (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Atheros Client Installation Program (x32 Version: 9.0 - Atheros) C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Czech (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Danish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Dutch (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help English (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Finnish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help French (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help German (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Greek (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Hungarian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Italian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Japanese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Korean (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Norwegian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Polish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Portuguese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Russian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Spanish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Swedish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Thai (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) CCC Help Turkish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) ccc-utility64 (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP) Counter Strike Source v1.0.0.34 (x32 Version: - ) CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.1.5016 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft) Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.) Easy File Share (x32 Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Migration (x32 Version: 1.0 - Samsung Electronics CO., LTD.) E-POP (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.) essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) EveHQ (x32 Version: - ) EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.) Google Earth (x32 Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 3050 J610 series Help (x32 Version: 140.0.63.63 - Hewlett Packard) HP Update (x32 Version: 5.002.006.003 - Hewlett-Packard) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) KODAK AiO Software (x32 Version: 7.7.4.0 - Eastman Kodak Company) Magic Audio CD Burner (x32 Version: 1.4 - Magic Audio Tools) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Multimedia POP (x32 Version: 1.2 - Samsung Electronics CO., LTD.) ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) OpenAL (x32 Version: - ) Pidgin (x32 Version: 2.10.7 - ) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) PrintProjects (x32 Version: 1.0.0.9282 - RocketLife Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Realtek Ethernet Controller Driver (x32 Version: 7.54.309.2012 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6602 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.39025 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) SISShortcut (x32 Version: 1.0.0.3 - Samsung Electronics Co., LTD) SketchUp 2013 (x32 Version: 13.0.3689 - Trimble Navigation Limited) SketchUp 8 (x32 Version: 3.0.15158 - Trimble Navigation Limited) Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.) Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.) Splashtop Software Updater (x32 Version: 1.5.6.14 - Splashtop Inc.) Splashtop Streamer (x32 Version: 2.4.5.2 - Splashtop Inc.) Spotify (HKCU Version: 0.9.4.185.g7545a404 - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Synaptics Pointing Device Driver (Version: 16.1.1.0 - Synaptics Incorporated) TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH) TurboCAD Professional 19 64-bit (Version: 19.1.323 - IMSIDesign) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft) User Guide (x32 Version: 1.2 - Samsung Electronics CO., LTD.) VirtualDJ PRO Full (x32 Version: 7.0.5 - Atomix Productions) VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (Version: 03/07/2012 - GoPro) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live 程式集 (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) WinRAR 4.20 (64-bit) (Version: 4.20.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) ==================== Restore Points ========================= 07-12-2013 02:21:51 Scheduled Checkpoint 16-12-2013 18:35:52 Windows Update 16-12-2013 18:37:22 Windows Modules Installer 20-12-2013 01:29:31 Windows Update 27-12-2013 14:01:37 Scheduled Checkpoint ==================== Hosts content: ========================== 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {16A7A337-9C43-4073-971E-8C2D29A45DA0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {19F3886F-0175-449A-B10D-956AC922D83B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2636A10B-AC34-43CC-9A30-3D9034238798} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {28F9F12B-4B4C-4689-8E7D-866C7CF5CF82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-08] (Adobe Systems Incorporated) Task: {2B623895-1B5F-43A8-A0DA-141406DA0764} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {35A8C8CE-5238-46D0-92AE-A478407404D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {383B8BF8-17AA-4DFA-9062-08057C715D19} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3CB83C54-2830-410D-8190-D41AB9832D3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.) Task: {3EC4CD09-DD9A-4BAA-82D2-914F251EE0AD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {48F81DB5-EC10-4A6B-BE09-DCCAD6B1C8CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4ADC4224-D9B7-45E7-9ABC-45A905866E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.) Task: {605A203B-B09F-4F3A-BC99-CEC1F96F7473} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6CE15548-9C97-4BDF-A047-B3066CC29266} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {785E3F7B-9D89-45A4-8321-B4F3DA02765D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink) Task: {78A07F7F-0CC9-4DF9-83CB-71022C93F043} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {79EEA6BB-C3A0-4F32-9CCC-3C09B24D29D7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {7C9E02C9-8446-4513-BC15-07F1D1DF1AB8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9AC0B112-6321-488D-A0A6-D46045A49E7D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-20] (Microsoft Corporation) Task: {9C96B4F3-5F17-49C7-855C-B848A422675E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A24913FB-9A2C-4FB2-A55D-39ED8CFE6766} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {AA444B90-2431-4635-A243-EFA02CA82065} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {ABFAA607-A974-45E4-91AE-EBC7A648EFF7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {BD6B9EBF-2C72-4919-9419-813C70ABA420} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {C709435D-7FCB-4964-A54C-7BE55201ECC2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {CD082071-6273-423C-B59F-9332FC8E8FA5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D6432590-21D4-4E1D-8D66-1B956D6ECA36} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DD0051B0-E7CB-4949-8204-F297571D5E43} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {FA74FBAF-921B-495B-B346-3217211AD6F3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {FF82CAED-6205-4494-B7CC-6B112182C2EA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-26 20:32 - 2013-12-26 20:32 - 02492416 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2013-11-02 05:40 - 2013-11-02 05:40 - 05179392 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\1a4edd280e2cfb782141cf02237ae00c\Windows.UI.Xaml.ni.dll 2013-11-02 05:40 - 2013-11-02 05:40 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\0ff25bd7c20be35c2e915bb82db13b72\Windows.UI.ni.dll 2013-12-26 20:49 - 2013-12-26 20:49 - 00023040 _____ () C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:73D40B90 AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 AlternateDataStreams: C:\Users\Ben\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/29/2013 11:17:40 PM) (Source: Application Error) (User: ) Description: Faulting application name: WerFault.exe, version: 6.3.9600.16397, time stamp: 0x522b1428 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0x1264 Faulting application start time: 0xWerFault.exe0 Faulting application path: WerFault.exe1 Faulting module path: WerFault.exe2 Report ID: WerFault.exe3 Faulting package full name: WerFault.exe4 Faulting package-relative application ID: WerFault.exe5 Error: (12/29/2013 11:17:40 PM) (Source: Application Error) (User: ) Description: Faulting application name: NGenTask.exe, version: 4.0.30319.33440, time stamp: 0x52003c78 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0x4e0 Faulting application start time: 0xNGenTask.exe0 Faulting application path: NGenTask.exe1 Faulting module path: NGenTask.exe2 Report ID: NGenTask.exe3 Faulting package full name: NGenTask.exe4 Faulting package-relative application ID: NGenTask.exe5 Error: (12/29/2013 11:17:40 PM) (Source: .NET Runtime) (User: ) Description: Application: NGenTask.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/29/2013 06:03:17 PM) (Source: Application Error) (User: ) Description: Faulting application name: WerFault.exe, version: 6.3.9600.16397, time stamp: 0x522b1428 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0xc24 Faulting application start time: 0xWerFault.exe0 Faulting application path: WerFault.exe1 Faulting module path: WerFault.exe2 Report ID: WerFault.exe3 Faulting package full name: WerFault.exe4 Faulting package-relative application ID: WerFault.exe5 Error: (12/29/2013 06:03:16 PM) (Source: Application Error) (User: ) Description: Faulting application name: KodakAiOUpdater.exe, version: 7.7.4.0, time stamp: 0x51218f7f Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0xffc Faulting application start time: 0xKodakAiOUpdater.exe0 Faulting application path: KodakAiOUpdater.exe1 Faulting module path: KodakAiOUpdater.exe2 Report ID: KodakAiOUpdater.exe3 Faulting package full name: KodakAiOUpdater.exe4 Faulting package-relative application ID: KodakAiOUpdater.exe5 Error: (12/29/2013 06:03:16 PM) (Source: .NET Runtime) (User: ) Description: Application: KodakAiOUpdater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/28/2013 10:58:27 PM) (Source: Application Error) (User: ) Description: Faulting application name: NGenTask.exe, version: 4.0.30319.33440, time stamp: 0x52003c78 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0x144 Faulting application start time: 0xNGenTask.exe0 Faulting application path: NGenTask.exe1 Faulting module path: NGenTask.exe2 Report ID: NGenTask.exe3 Faulting package full name: NGenTask.exe4 Faulting package-relative application ID: NGenTask.exe5 Error: (12/28/2013 10:58:27 PM) (Source: .NET Runtime) (User: ) Description: Application: NGenTask.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/28/2013 10:54:14 PM) (Source: Application Error) (User: ) Description: Faulting application name: vlc.exe, version: 2.0.8.0, time stamp: 0x51f83c55 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc000041d Fault offset: 0x0001888a Faulting process ID: 0xe64 Faulting application start time: 0xvlc.exe0 Faulting application path: vlc.exe1 Faulting module path: vlc.exe2 Report ID: vlc.exe3 Faulting package full name: vlc.exe4 Faulting package-relative application ID: vlc.exe5 Error: (12/28/2013 10:54:10 PM) (Source: Application Error) (User: ) Description: Faulting application name: vlc.exe, version: 2.0.8.0, time stamp: 0x51f83c55 Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f Exception code: 0xc0000005 Fault offset: 0x0001888a Faulting process ID: 0xe64 Faulting application start time: 0xvlc.exe0 Faulting application path: vlc.exe1 Faulting module path: vlc.exe2 Report ID: vlc.exe3 Faulting package full name: vlc.exe4 Faulting package-relative application ID: vlc.exe5 System errors: ============= Error: (12/29/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/28/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/27/2013 05:37:46 PM) (Source: Service Control Manager) (User: ) Description: The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s). Error: (12/27/2013 01:45:32 PM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/27/2013 01:36:53 PM) (Source: DCOM) (User: BEN-PC) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (12/27/2013 01:36:38 PM) (Source: DCOM) (User: BEN-PC) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (12/27/2013 01:36:33 PM) (Source: DCOM) (User: BEN-PC) Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Microsoft Office Sessions: ========================= Error: (12/29/2013 11:17:40 PM) (Source: Application Error)(User: ) Description: WerFault.exe6.3.9600.16397522b1428USER32.dll6.3.9600.164415265e50fc00000050001888a126401cf04ec2b99851eC:\WINDOWS\SysWOW64\WerFault.exeC:\WINDOWS\SYSTEM32\USER32.dll695b85fb-70df-11e3-bea8-e8039af9d3f4 Error: (12/29/2013 11:17:40 PM) (Source: Application Error)(User: ) Description: NGenTask.exe4.0.30319.3344052003c78USER32.dll6.3.9600.164415265e50fc00000050001888a4e001cf04ec2b8d9936C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exeC:\WINDOWS\SYSTEM32\USER32.dll6948733f-70df-11e3-bea8-e8039af9d3f4 Error: (12/29/2013 11:17:40 PM) (Source: .NET Runtime)(User: ) Description: Application: NGenTask.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/29/2013 06:03:17 PM) (Source: Application Error)(User: ) Description: WerFault.exe6.3.9600.16397522b1428USER32.dll6.3.9600.164415265e50fc00000050001888ac2401cf04c03fe55fadC:\WINDOWS\SysWOW64\WerFault.exeC:\WINDOWS\SYSTEM32\USER32.dll7da4fe21-70b3-11e3-bea8-e8039af9d3f4 Error: (12/29/2013 06:03:16 PM) (Source: Application Error)(User: ) Description: KodakAiOUpdater.exe7.7.4.051218f7fUSER32.dll6.3.9600.164415265e50fc00000050001888affc01cf04c03fd4aefaC:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exeC:\WINDOWS\SYSTEM32\USER32.dll7d91eb4e-70b3-11e3-bea8-e8039af9d3f4 Error: (12/29/2013 06:03:16 PM) (Source: .NET Runtime)(User: ) Description: Application: KodakAiOUpdater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/28/2013 10:58:27 PM) (Source: Application Error)(User: ) Description: NGenTask.exe4.0.30319.3344052003c78USER32.dll6.3.9600.164415265e50fc00000050001888a14401cf042051d893b6C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exeC:\WINDOWS\SYSTEM32\USER32.dll8f8ea8e0-7013-11e3-bea8-e8039af9d3f4 Error: (12/28/2013 10:58:27 PM) (Source: .NET Runtime)(User: ) Description: Application: NGenTask.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 767F888A Stack: Error: (12/28/2013 10:54:14 PM) (Source: Application Error)(User: ) Description: vlc.exe2.0.8.051f83c55USER32.dll6.3.9600.164415265e50fc000041d0001888ae6401cf041fb8821b53C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\USER32.dllf8d0bb07-7012-11e3-bea8-e8039af9d3f4 Error: (12/28/2013 10:54:10 PM) (Source: Application Error)(User: ) Description: vlc.exe2.0.8.051f83c55USER32.dll6.3.9600.164415265e50fc00000050001888ae6401cf041fb8821b53C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\USER32.dllf63cf563-7012-11e3-bea8-e8039af9d3f4 CodeIntegrity Errors: =================================== Date: 2013-12-22 04:21:50.854 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:50.694 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:50.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:50.414 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:50.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:50.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:48.189 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:21:47.629 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:19:35.726 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2013-12-22 04:19:34.171 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 23% Total physical RAM: 5597.67 MB Available physical RAM: 4269.4 MB Total Pagefile: 11229.68 MB Available Pagefile: 9546.21 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:442.46 GB) (Free:108.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 00B6F24B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=442 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=23 GB) - (Type=27) ==================== End Of Log ============================
  4. Hi borislav, thanks for the reply. The frst log is as follows: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01 Ran by Ben (administrator) on BEN-PC on 29-12-2013 23:22:17 Running from C:\Users\Ben\Desktop Windows 8.1 Pro (X64) OS Language: English(UK) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Atheros Commnucations) C:\Windows\System32\AdminService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\regsvr32.exe (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Farbar) C:\Users\Ben\Desktop\FRST64-1.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink) HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google) HKCU\...\Run: [spotify Web Helper] - C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-14] (Spotify Ltd) HKCU\...\Run: [YpccPack] - regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll <===== ATTENTION HKU\DefaultAppPool\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com SearchScopes: HKLM-x32 - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms} SearchScopes: HKLM-x32 - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms} SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms} BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Chrome: ======= CHR DefaultSearchKeyword: google.co.uk CHR Extension: (Google Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1 CHR Extension: (Google Search) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Skype Click to Call) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1 CHR Extension: (Google Wallet) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Wolf Toss) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjlncddmdljpioccbmempchonhlifakc\1.1.2.6_0 CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-10-30] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-30] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-10-30] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [32896 2012-03-19] (Advanced Micro Devices, Inc.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-10-30] (Microsoft Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-07-16] (Splashtop Inc.) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) U3 idsvc; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-29 23:22 - 2013-12-29 23:22 - 00011629 _____ C:\Users\Ben\Desktop\FRST.txt 2013-12-29 23:22 - 2013-12-29 23:22 - 00000000 ____D C:\FRST 2013-12-29 23:21 - 2013-12-29 23:09 - 01931302 ____N (Farbar) C:\Users\Ben\Desktop\FRST64-1.exe 2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ___SD C:\32788R22FWJFW 2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ____D C:\WINDOWS\erdnt 2013-12-27 17:33 - 2013-12-27 17:29 - 05158590 ____R (Swearware) C:\Users\Ben\Desktop\ComboFix.exe 2013-12-27 10:27 - 2013-12-27 10:27 - 00004349 _____ C:\Users\Ben\Desktop\attach.zip 2013-12-27 10:26 - 2013-12-27 10:26 - 00014987 _____ C:\Users\Ben\Desktop\attach.txt 2013-12-27 10:26 - 2013-12-27 10:25 - 00025506 _____ C:\Users\Ben\Desktop\dds.txt 2013-12-27 10:18 - 2013-12-27 09:42 - 00688992 ____R (Swearware) C:\Users\Ben\Desktop\dds.com 2013-12-27 09:37 - 2013-12-27 09:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Malwarebytes 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-27 09:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-12-27 09:35 - 2013-12-27 09:35 - 00000000 ____D C:\WINDOWS\pss 2013-12-27 09:28 - 2013-12-27 09:26 - 10285040 ____N (Malwarebytes Corporation ) C:\Users\Ben\Desktop\mbam-setup-1.75.0.1300.exe 2013-12-27 09:16 - 2013-12-27 09:16 - 00783552 _____ C:\WINDOWS\Minidump\122713-22953-01.dmp 2013-12-26 23:54 - 2013-12-26 23:54 - 00280856 _____ C:\WINDOWS\Minidump\122613-24156-01.dmp 2013-12-26 20:49 - 2013-12-26 20:49 - 00000000 ____D C:\Users\Ben\AppData\Local\YpccPack 2013-12-26 17:57 - 2013-12-26 20:13 - 00000000 ____D C:\Users\Ben\Downloads\Machete Kills 2013 2013-12-21 21:37 - 2013-12-22 09:10 - 00000000 ____D C:\Users\Ben\Downloads\Homeland Season 3 Complete - ChameE 2013-12-17 23:34 - 2013-11-23 04:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-12-17 23:34 - 2013-11-23 04:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2013-12-17 23:34 - 2013-11-23 03:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-12-17 23:34 - 2013-11-23 03:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-12-17 23:32 - 2013-11-09 06:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2013-12-17 23:32 - 2013-11-09 06:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2013-12-17 23:32 - 2013-11-09 05:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2013-12-16 18:51 - 2013-11-11 23:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-16 18:51 - 2013-11-11 23:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-16 18:51 - 2013-11-11 23:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-12-16 18:51 - 2013-11-11 23:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-12-16 18:51 - 2013-11-11 02:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-12-16 18:51 - 2013-11-09 11:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-12-16 18:51 - 2013-11-09 06:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2013-12-16 18:51 - 2013-11-09 05:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2013-12-16 18:51 - 2013-11-08 10:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2013-12-16 18:51 - 2013-11-08 05:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll 2013-12-16 18:51 - 2013-11-08 04:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2013-12-16 18:51 - 2013-11-08 04:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll 2013-12-16 18:51 - 2013-11-08 04:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-12-16 18:51 - 2013-11-08 04:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-12-16 18:51 - 2013-11-08 04:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2013-12-16 18:51 - 2013-11-08 04:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2013-12-16 18:51 - 2013-11-08 04:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2013-12-16 18:51 - 2013-11-08 03:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-12-16 18:51 - 2013-11-08 03:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-12-16 18:51 - 2013-11-05 14:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2013-12-16 18:51 - 2013-11-05 14:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2013-12-16 18:51 - 2013-11-05 13:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2013-12-16 18:51 - 2013-11-05 13:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2013-12-16 18:51 - 2013-11-05 13:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2013-12-16 18:51 - 2013-11-04 17:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-12-16 18:51 - 2013-11-04 17:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-12-16 18:51 - 2013-11-04 13:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-12-16 18:51 - 2013-11-04 11:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-12-16 18:51 - 2013-11-04 10:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-12-16 18:51 - 2013-11-04 02:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-12-16 18:51 - 2013-11-04 01:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-12-16 18:51 - 2013-11-01 11:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2013-12-16 18:51 - 2013-11-01 06:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2013-12-16 18:51 - 2013-11-01 05:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2013-12-16 18:51 - 2013-10-31 00:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-12-16 18:51 - 2013-10-31 00:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-12-16 18:51 - 2013-10-31 00:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2013-12-16 18:51 - 2013-10-31 00:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2013-12-16 18:51 - 2013-10-31 00:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2013-12-16 18:51 - 2013-10-31 00:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2013-12-16 18:51 - 2013-10-26 01:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2013-12-16 18:51 - 2013-10-24 09:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2013-12-16 18:51 - 2013-10-24 09:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2013-12-16 18:51 - 2013-10-17 11:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2013-12-16 18:51 - 2013-10-17 10:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2013-12-16 18:51 - 2013-10-05 14:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-12-16 18:51 - 2013-10-05 14:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-12-16 18:51 - 2013-10-05 12:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-12-16 18:51 - 2013-10-05 12:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-12-13 10:23 - 2013-11-26 11:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-12-13 10:23 - 2013-11-26 10:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-12-13 10:23 - 2013-11-26 09:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-12-13 10:23 - 2013-11-26 08:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-12-13 10:23 - 2013-11-26 08:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-12-13 10:23 - 2013-11-26 08:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-12-13 10:23 - 2013-11-26 08:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-12-13 10:23 - 2013-11-26 08:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-12-13 10:23 - 2013-11-26 07:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-12-13 10:23 - 2013-11-26 07:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-12-13 10:23 - 2013-11-26 07:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-12-13 10:23 - 2013-11-26 07:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-12-13 10:23 - 2013-11-26 06:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-12-13 10:23 - 2013-11-26 06:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2013-12-13 10:23 - 2013-11-26 06:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2013-12-13 10:23 - 2013-11-26 06:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-12-13 10:23 - 2013-11-26 06:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-12-13 10:23 - 2013-10-19 08:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2013-12-13 10:23 - 2013-10-19 07:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2013-12-13 10:23 - 2013-10-15 08:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2013-12-13 10:23 - 2013-10-15 08:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2013-12-13 10:22 - 2013-11-08 07:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-12-10 07:54 - 2013-12-10 08:21 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E11 HDTV x264-2HD[ettv] 2013-12-10 07:28 - 2013-12-10 07:37 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E10 HDTV x264-ASAP[ettv] 2013-12-10 06:26 - 2013-12-10 06:26 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-12-09 22:38 - 2013-12-09 23:38 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E09 HDTV x264-2HD[ettv] 2013-12-09 20:57 - 2013-12-09 22:32 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E08 HDTV x264-2HD[ettv] 2013-12-09 20:17 - 2013-12-09 20:33 - 29290614 _____ C:\Users\Ben\Downloads\DWA-556_drv_revALL_2-11b03_all_en_20120726.zip 2013-12-09 12:59 - 2013-12-27 09:16 - 00000000 ____D C:\WINDOWS\Minidump 2013-12-09 12:59 - 2013-12-09 12:59 - 00782200 _____ C:\WINDOWS\Minidump\120913-22812-01.dmp 2013-12-08 21:11 - 2013-12-09 21:28 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E07 HDTV x264-2HD[ettv] 2013-12-08 19:46 - 2013-12-08 21:05 - 561328195 _____ C:\Users\Ben\Downloads\Sons.of.Anarchy.S06E06.HDTV.x264-2HD.mp4 2013-12-07 15:57 - 2013-12-07 15:57 - 00020968 _____ C:\Users\Ben\Downloads\hoursforplex.aspx 2013-12-01 11:07 - 2013-12-02 00:57 - 00000000 ____D C:\Users\Ben\Downloads\Assassins.Creed.IV.Black.Flag-RELOADED ==================== One Month Modified Files and Folders ======= 2013-12-29 23:22 - 2013-12-29 23:22 - 00011629 _____ C:\Users\Ben\Desktop\FRST.txt 2013-12-29 23:22 - 2013-12-29 23:22 - 00000000 ____D C:\FRST 2013-12-29 23:19 - 2013-03-08 18:17 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-29 23:17 - 2013-03-10 17:50 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1956592371-2019347335-3144278246-1000 2013-12-29 23:09 - 2013-12-29 23:21 - 01931302 ____N (Farbar) C:\Users\Ben\Desktop\FRST64-1.exe 2013-12-29 23:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-12-29 22:24 - 2012-10-05 13:32 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-29 19:24 - 2012-10-05 13:32 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-29 17:44 - 2013-10-30 11:29 - 01131305 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-28 10:51 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ___SD C:\32788R22FWJFW 2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ____D C:\WINDOWS\erdnt 2013-12-27 17:29 - 2013-12-27 17:33 - 05158590 ____R (Swearware) C:\Users\Ben\Desktop\ComboFix.exe 2013-12-27 13:37 - 2013-10-30 11:41 - 00000000 __RDO C:\Users\Ben\SkyDrive 2013-12-27 13:37 - 2013-08-22 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-27 13:37 - 2013-03-04 22:28 - 00000000 ____D C:\ProgramData\Kodak 2013-12-27 13:28 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-12-27 12:47 - 2013-09-29 20:03 - 00007438 _____ C:\WINDOWS\PFRO.log 2013-12-27 10:27 - 2013-12-27 10:27 - 00004349 _____ C:\Users\Ben\Desktop\attach.zip 2013-12-27 10:26 - 2013-12-27 10:26 - 00014987 _____ C:\Users\Ben\Desktop\attach.txt 2013-12-27 10:25 - 2013-12-27 10:26 - 00025506 _____ C:\Users\Ben\Desktop\dds.txt 2013-12-27 10:11 - 2013-10-30 20:03 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D4124DA-9376-4D4C-96AE-7BE17B72B1B6} 2013-12-27 10:07 - 2013-09-30 04:12 - 00992588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-27 09:42 - 2013-12-27 10:18 - 00688992 ____R (Swearware) C:\Users\Ben\Desktop\dds.com 2013-12-27 09:39 - 2012-10-07 17:16 - 00000000 ____D C:\Users\Ben\AppData\Roaming\uTorrent 2013-12-27 09:37 - 2013-12-27 09:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Malwarebytes 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-27 09:35 - 2013-12-27 09:35 - 00000000 ____D C:\WINDOWS\pss 2013-12-27 09:33 - 2013-10-30 11:03 - 00000000 ____D C:\Users\Ben 2013-12-27 09:26 - 2013-12-27 09:28 - 10285040 ____N (Malwarebytes Corporation ) C:\Users\Ben\Desktop\mbam-setup-1.75.0.1300.exe 2013-12-27 09:16 - 2013-12-27 09:16 - 00783552 _____ C:\WINDOWS\Minidump\122713-22953-01.dmp 2013-12-27 09:16 - 2013-12-09 12:59 - 00000000 ____D C:\WINDOWS\Minidump 2013-12-27 09:15 - 2013-01-15 07:22 - 399341664 _____ C:\WINDOWS\MEMORY.DMP 2013-12-26 23:54 - 2013-12-26 23:54 - 00280856 _____ C:\WINDOWS\Minidump\122613-24156-01.dmp 2013-12-26 20:49 - 2013-12-26 20:49 - 00000000 ____D C:\Users\Ben\AppData\Local\YpccPack 2013-12-26 20:33 - 2012-10-07 10:06 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc 2013-12-26 20:32 - 2012-10-05 13:25 - 00000000 ___RD C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-26 20:13 - 2013-12-26 17:57 - 00000000 ____D C:\Users\Ben\Downloads\Machete Kills 2013 2013-12-26 19:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-12-24 16:08 - 2013-01-17 10:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client 2013-12-22 09:10 - 2013-12-21 21:37 - 00000000 ____D C:\Users\Ben\Downloads\Homeland Season 3 Complete - ChameE 2013-12-21 23:20 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\rescache 2013-12-20 10:33 - 2013-08-22 14:44 - 00491312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\en-GB 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\FileManager 2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Camera 2013-12-20 08:56 - 2013-10-04 22:36 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Spotify 2013-12-20 01:34 - 2013-08-04 03:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-12-20 01:30 - 2012-10-07 13:18 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-12-19 15:51 - 2013-10-04 22:38 - 00000000 ____D C:\Users\Ben\AppData\Local\Spotify 2013-12-16 18:52 - 2012-10-05 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-11 19:19 - 2013-10-18 07:11 - 00055808 ___SH C:\Users\Ben\Downloads\Thumbs.db 2013-12-10 08:21 - 2013-12-10 07:54 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E11 HDTV x264-2HD[ettv] 2013-12-10 07:37 - 2013-12-10 07:28 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E10 HDTV x264-ASAP[ettv] 2013-12-10 06:26 - 2013-12-10 06:26 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-12-10 06:26 - 2012-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-09 23:38 - 2013-12-09 22:38 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E09 HDTV x264-2HD[ettv] 2013-12-09 22:32 - 2013-12-09 20:57 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E08 HDTV x264-2HD[ettv] 2013-12-09 21:28 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E07 HDTV x264-2HD[ettv] 2013-12-09 20:33 - 2013-12-09 20:17 - 29290614 _____ C:\Users\Ben\Downloads\DWA-556_drv_revALL_2-11b03_all_en_20120726.zip 2013-12-09 19:44 - 2013-08-22 14:46 - 00348432 _____ C:\WINDOWS\setupact.log 2013-12-09 12:59 - 2013-12-09 12:59 - 00782200 _____ C:\WINDOWS\Minidump\120913-22812-01.dmp 2013-12-08 21:05 - 2013-12-08 19:46 - 561328195 _____ C:\Users\Ben\Downloads\Sons.of.Anarchy.S06E06.HDTV.x264-2HD.mp4 2013-12-07 15:57 - 2013-12-07 15:57 - 00020968 _____ C:\Users\Ben\Downloads\hoursforplex.aspx 2013-12-04 00:05 - 2013-11-17 11:55 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-04 00:05 - 2013-11-17 11:54 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-12-02 19:19 - 2012-10-05 13:32 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-02 19:19 - 2012-10-05 13:32 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-02 00:57 - 2013-12-01 11:07 - 00000000 ____D C:\Users\Ben\Downloads\Assassins.Creed.IV.Black.Flag-RELOADED Some content of TEMP: ==================== C:\Users\Ben\AppData\Local\Temp\htmlayout.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-29 06:19 ==================== End Of Log ============================
  5. Hi Borislav, Thanks for your reply. I am not able to run xombo fix as I have windows 8.1. Are there any other suitable programs to use? Many thanks
  6. Hi, I have managed to get a virus after my brother tried to instal this file on my laptop - a very thoughtful christmas present. I have seen that this issue has been resolved before on this site but the steps can vary from pc to pc. I have run mbam and here is the log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.27.03 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16476 Ben :: BEN-PC [administrator] 27/12/2013 10:02:50 mbam-log-2013-12-27 (10-02-50).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 247151 Time elapsed: 12 minute(s), 26 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 3 C:\Users\Ben\AppData\Roaming\verison.dll (Trojan.Agent.ED) -> Delete on reboot. C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully. C:\Users\Ben\AppData\Local\Temp\fzjtuhlh.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully. (end) The problem is not resolved so here are the logs from dds.scr. I have pasted both as I dont know how to attach files ffrm my phone. Dds DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16384 BrowserJavaVersion: 10.45.2 Run by Ben at 10:24:40 on 2013-12-27 Microsoft Windows 8.1 Pro 6.3.9600.0.1252.44.2057.18.5598.4439 [GMT 0:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\system32\AdminService.exe C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe C:\WINDOWS\system32\mqsvc.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k iissvcs C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\taskeng.exe C:\WINDOWS\Explorer.EXE C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRServer.exe C:\WINDOWS\system32\taskhostex.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRFeature.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Windows\System32\skydrive.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\regsvr32.exe C:\WINDOWS\SysWOW64\regsvr32.exe C:\WINDOWS\SysWOW64\runonce.exe C:\WINDOWS\SysWOW64\runonce.exe C:\WINDOWS\SysWOW64\WerFault.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\WINDOWS\SysWOW64\WerFault.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Defender\MpCmdRun.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart uRun: [spotify Web Helper] "C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [YpccPack] regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun: [Conime] C:\WINDOWS\System32\conime.exe mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TCP: NameServer = 192.168.1.254 TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E}\2656C6B696E6E2536616 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E}\2656C6B696E6E2536616F5548545 : DHCPNameServer = 192.168.2.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U . ============= SERVICES / DRIVERS =============== . R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2012-3-19 32896] R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-16 39768] R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\WINDOWS\System32\drivers\SABI.sys [2012-5-28 13824] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2013-9-26 239616] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984] R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472] R2 AtherosSvc;AtherosSvc;C:\WINDOWS\System32\AdminService.exe [2012-8-29 208384] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-2-18 395640] R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136] R2 SplashtopRemoteService;Splashtop Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-9-2 790368] R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdW76.sys [2012-2-23 95760] R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2012-8-29 565760] R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-8-22 224768] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2013-10-28 107288] R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768] R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384] R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-8-22 591360] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2013-10-28 204568] R3 sthid;Splashtop Virtual Hid;C:\WINDOWS\System32\drivers\sthid.sys [2013-7-16 21216] R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2012-5-28 56448] R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256] R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872] R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176] S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2011-12-12 82048] S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2011-12-12 42624] S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768] S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768] S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624] S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568] S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320] S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2013-11-14 111616] S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbldfltr.sys [2013-9-30 22272] S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768] S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760] S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040] S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2012-5-28 314472] S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768] S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-16 146776] S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768] S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-17 57176] S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976] S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-9-30 129536] S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768] S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2013-8-22 37768] S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768] S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768] S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2013-8-22 23040] S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-12-27 09:37:43 -------- d-----w- C:\Users\Ben\AppData\Roaming\Malwarebytes 2013-12-27 09:37:28 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2013-12-27 09:37:28 -------- d-----w- C:\ProgramData\Malwarebytes 2013-12-27 09:37:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-27 09:35:39 -------- d-----w- C:\WINDOWS\pss 2013-12-26 20:49:08 -------- d-----w- C:\Users\Ben\AppData\Local\YpccPack 2013-12-26 20:48:46 82919 ----a-w- C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmpC5AA.exe 2013-12-26 20:32:37 2179072 ----a-w- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll 2013-12-26 10:53:19 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F9BEA580-4FCE-41A1-A448-9A60BE960A23}\mpengine.dll 2013-12-26 04:36:58 10315576 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-12-20 02:30:03 232112 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10228.bin 2013-12-17 23:41:12 23492992 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2013-12-17 23:41:11 22808656 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2013-12-17 23:34:17 568832 ----a-w- C:\WINDOWS\System32\SkyDrive.exe 2013-12-17 23:34:17 4105728 ----a-w- C:\WINDOWS\System32\SyncEngine.dll 2013-12-17 23:34:17 393216 ----a-w- C:\WINDOWS\System32\WMPhoto.dll 2013-12-17 23:34:17 348160 ----a-w- C:\WINDOWS\SysWow64\WMPhoto.dll 2013-12-17 23:32:23 615936 ----a-w- C:\WINDOWS\System32\MDMAgent.exe 2013-12-17 23:32:23 414720 ----a-w- C:\WINDOWS\System32\wbem\MDMSettingsProv.dll 2013-12-17 23:32:23 287744 ----a-w- C:\WINDOWS\System32\mdmregistration.dll 2013-12-17 23:32:22 240128 ----a-w- C:\WINDOWS\SysWow64\mdmregistration.dll 2013-12-17 23:32:22 156672 ----a-w- C:\WINDOWS\System32\wbem\MDMAppProv.dll 2013-12-13 10:23:27 75360 ----a-w- C:\WINDOWS\System32\imagehlp.dll 2013-12-13 10:22:59 4191744 ----a-w- C:\WINDOWS\System32\win32k.sys 2013-12-06 16:52:10 965000 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFF783FD-B110-4C43-809D-7B39C28901DD}\gapaengine.dll . ==================== Find3M ==================== . 2013-12-04 00:05:48 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2013-12-04 00:05:48 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2013-11-26 08:35:02 5769216 ----a-w- C:\WINDOWS\System32\jscript9.dll 2013-11-26 08:16:12 4243968 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll 2013-11-26 08:02:16 1995264 ----a-w- C:\WINDOWS\System32\inetcpl.cpl 2013-11-26 07:32:06 1928192 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll 2013-11-19 10:30:34 267936 ------w- C:\WINDOWS\System32\MpSigStub.exe 2013-11-13 23:52:34 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb 2013-11-13 23:52:30 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb 2013-11-11 23:41:31 189952 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-11 23:40:06 249856 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-11 23:27:10 701440 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll 2013-11-11 23:24:12 840704 ----a-w- C:\WINDOWS\System32\WSShared.dll 2013-11-11 02:48:41 39768 -c--a-w- C:\WINDOWS\System32\drivers\intelpep.sys 2013-11-09 11:55:11 325464 -c--a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS 2013-11-09 06:55:17 303104 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcGenral.dll 2013-11-09 06:37:45 1756160 ----a-w- C:\WINDOWS\System32\WMPDMC.exe 2013-11-09 06:13:07 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll 2013-11-09 06:05:53 2415104 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll 2013-11-09 05:56:15 1391104 ----a-w- C:\WINDOWS\SysWow64\WMPDMC.exe 2013-11-08 10:26:23 358896 ----a-w- C:\WINDOWS\System32\dcomp.dll 2013-11-08 05:23:30 449024 ----a-w- C:\WINDOWS\System32\appmgr.dll 2013-11-08 04:43:45 254464 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll 2013-11-08 04:42:52 366080 ----a-w- C:\WINDOWS\SysWow64\appmgr.dll 2013-11-08 04:28:40 13177344 ----a-w- C:\WINDOWS\System32\twinui.dll 2013-11-08 04:26:19 11674624 ----a-w- C:\WINDOWS\SysWow64\twinui.dll 2013-11-08 04:16:46 225792 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll 2013-11-08 04:15:35 198656 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll 2013-11-08 04:07:34 115712 ----a-w- C:\WINDOWS\System32\winbici.dll 2013-11-08 03:41:17 1302528 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2013-11-08 03:14:58 922624 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll 2013-11-05 16:20:05 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll 2013-11-05 16:11:46 18577408 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll 2013-11-05 14:19:16 566784 ----a-w- C:\WINDOWS\System32\wpncore.dll 2013-11-05 14:03:43 637952 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe 2013-11-05 13:57:39 479744 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe 2013-11-05 13:33:44 584192 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll 2013-11-05 13:32:04 744448 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll 2013-11-04 17:13:19 382808 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys 2013-11-04 17:13:19 1530200 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2013-11-04 13:07:05 1843712 ----a-w- C:\WINDOWS\System32\Display.dll 2013-11-04 11:50:18 2143744 ----a-w- C:\WINDOWS\System32\dwmcore.dll 2013-11-04 10:32:53 2570240 ----a-w- C:\WINDOWS\System32\SettingsHandlers.dll 2013-11-04 02:28:40 1816576 ----a-w- C:\WINDOWS\SysWow64\Display.dll 2013-11-04 01:30:33 1765376 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll 2013-11-01 11:39:53 86872 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys 2013-11-01 06:08:59 747008 ----a-w- C:\WINDOWS\System32\wlidcli.dll 2013-11-01 05:57:11 544768 ----a-w- C:\WINDOWS\SysWow64\wlidcli.dll 2013-10-31 00:58:59 372568 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys 2013-10-31 00:42:16 7399256 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2013-10-31 00:33:52 1642016 ----a-w- C:\WINDOWS\System32\winload.efi 2013-10-31 00:33:52 1506680 ----a-w- C:\WINDOWS\System32\winload.exe 2013-10-31 00:33:52 1476184 ----a-w- C:\WINDOWS\System32\winresume.efi 2013-10-31 00:33:52 1345536 ----a-w- C:\WINDOWS\System32\winresume.exe 2013-10-30 10:53:45 0 ----a-w- C:\WINDOWS\ativpsrm.bin 2013-10-30 10:47:17 872840 ----a-w- C:\WINDOWS\System32\mfplat.dll 2013-10-30 10:47:17 698232 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll 2013-10-30 10:46:59 977408 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll 2013-10-30 10:46:59 294400 ----a-w- C:\WINDOWS\System32\Windows.Devices.Sensors.dll 2013-10-30 10:46:59 225792 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll 2013-10-30 10:46:59 1286552 ----a-w- C:\WINDOWS\System32\msctf.dll 2013-10-30 10:46:59 1217024 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll 2013-10-30 10:46:59 1018960 ----a-w- C:\WINDOWS\SysWow64\msctf.dll 2013-10-28 01:12:12 204568 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys 2013-10-28 01:12:10 107288 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys 2013-10-26 01:54:32 146776 ----a-w- C:\WINDOWS\System32\drivers\SerCx2.sys 2013-10-24 09:31:11 30208 ----a-w- C:\WINDOWS\System32\CredentialMigrationHandler.dll 2013-10-24 09:12:58 27136 ----a-w- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll 2013-10-23 11:29:02 44936 ----a-w- C:\WINDOWS\System32\wldp.dll 2013-10-23 11:21:01 155480 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys 2013-10-23 11:13:34 171864 ----a-w- C:\WINDOWS\System32\kd_02_8086.dll 2013-10-22 08:18:16 96088 ----a-w- C:\WINDOWS\System32\embeddedapplauncher.exe 2013-10-22 07:55:27 2328872 ----a-w- C:\WINDOWS\explorer.exe 2013-10-22 06:03:47 2065448 ----a-w- C:\WINDOWS\SysWow64\explorer.exe 2013-10-22 05:15:38 558080 ----a-w- C:\WINDOWS\System32\apphelp.dll 2013-10-22 04:04:03 618496 ----a-w- C:\WINDOWS\SysWow64\apphelp.dll 2013-10-22 03:56:17 186880 ----a-w- C:\WINDOWS\System32\WorkFoldersShell.dll 2013-10-22 03:44:06 761856 ----a-w- C:\WINDOWS\System32\WorkfoldersControl.dll 2013-10-22 02:38:12 1362944 ----a-w- C:\WINDOWS\SysWow64\user32.dll 2013-10-22 02:22:39 381952 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll 2013-10-22 02:13:33 1704448 ----a-w- C:\WINDOWS\System32\wucltux.dll 2013-10-22 02:07:57 2617344 ----a-w- C:\WINDOWS\System32\authui.dll 2013-10-22 01:53:47 1584128 ----a-w- C:\WINDOWS\System32\workfolderssvc.dll 2013-10-22 01:47:12 2295808 ----a-w- C:\WINDOWS\SysWow64\authui.dll 2013-10-21 14:16:37 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll 2013-10-19 08:51:07 481392 ----a-w- C:\WINDOWS\System32\mfsvr.dll 2013-10-19 07:14:14 70680 ----a-w- C:\WINDOWS\SysWow64\imagehlp.dll 2013-10-19 07:12:06 380656 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll 2013-10-19 05:37:49 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe 2013-10-19 04:48:38 607744 ----a-w- C:\WINDOWS\System32\comdlg32.dll 2013-10-19 04:03:41 531968 ----a-w- C:\WINDOWS\SysWow64\comdlg32.dll 2013-10-19 03:26:57 1231360 ----a-w- C:\WINDOWS\System32\Windows.Media.dll 2013-10-19 03:14:29 888832 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll 2013-10-17 15:42:33 1373872 ----a-w- C:\WINDOWS\System32\wmpmde.dll 2013-10-17 15:42:31 1399176 ----a-w- C:\WINDOWS\System32\winmde.dll 2013-10-17 14:04:13 1204968 ----a-w- C:\WINDOWS\SysWow64\winmde.dll 2013-10-16 15:58:02 1943536 ----a-w- C:\WINDOWS\System32\crypt32.dll 2013-10-16 13:54:17 1581968 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll . ============= FINISH: 10:25:53.95 =============== Attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8.1 Pro Boot Device: \Device\HarddiskVolume1 Install Date: 30/10/2013 11:36:40 System Uptime: 27/12/2013 10:16:33 (0 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NP355V5C-A05UK Processor: AMD A6-4400M APU with Radeon HD Graphics | P0 | 2700/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 442 GiB total, 109.287 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP8: 07/12/2013 02:21:51 - Scheduled Checkpoint RP9: 16/12/2013 18:35:52 - Windows Update RP10: 16/12/2013 18:37:22 - Windows Modules Installer RP11: 20/12/2013 01:29:31 - Windows Update . ==== Installed Programs ====================== . ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ?????????? Windows Live ??????????? ?? Windows Live Adobe Reader X (10.1.8) Adobe Shockwave Player 11.6 aioscnnr AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In AMD VISION Engine Control Center Atheros Client Installation Program 刉indows Live Essentials 刉indows Live Mail 刉indows Live Messenger 刉indows Live fotogalerija C4USelfUpdater Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDBurnerXP Counter Strike Source v1.0.0.34 CyberLink Power2Go CyberLink YouCam D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox E-POP Easy File Share Easy Migration essentials EveHQ EVEMon Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galer韆 fotogr醘ica de Windows Live Google Chrome Google Drive Google Earth Google Update Helper HP Deskjet 3050 J610 series Basic Device Software HP Deskjet 3050 J610 series Help HP Update Java 7 Update 45 Java Auto Updater Junk Mail filter update Kodak AIO Printer KODAK AiO Software Magic Audio CD Burner Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 4.0 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSVCRT_amd64 Multimedia POP ocr OpenAL Pidgin Poczta uslugi Windows Live Podstawowe programy Windows Live Po歵a Windows Live PreReq PrintProjects Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader S?????? f?t???af??? t?? Windows Live Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SISShortcut SketchUp 2013 SketchUp 8 Skype Click to Call Skype 6.1 Splashtop Software Updater Splashtop Streamer Spotify swMSM Synaptics Pointing Device Driver TeamSpeak 3 Client TurboCAD Professional 19 64-bit Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition User Guide VirtualDJ PRO Full VLC media player 2.0.8 Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) Windows Live Windows Live ?? Windows Live ?? ??? Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fot髏醨 Windows Live Foto-galerija Windows Live fotoattelu galerija Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogal閞ia Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Po歵a Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par鏰lar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty鰇alu Windows Liven s鋒k鰌osti Windows Liven valokuvavalikoima WinRAR 4.20 (64-bit) . ==== Event Viewer Messages From Past Week ======== . 27/12/2013 10:04:00, Error: Service Control Manager [7022] - The Security Center service did not respond on starting. 27/12/2013 10:00:25, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. 27/12/2013 09:58:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 27/12/2013 09:58:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 27/12/2013 09:58:36, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:58:36, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:58:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} 27/12/2013 09:58:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 27/12/2013 09:58:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 27/12/2013 09:57:45, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error: A device attached to the system is not functioning. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error: A device attached to the system is not functioning. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 27/12/2013 09:57:43, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 27/12/2013 09:39:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 27/12/2013 09:39:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 27/12/2013 09:39:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030} 27/12/2013 09:16:09, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xffffe00002297060, 0xfffff801b4f9c7c0, 0xffffe0000103d010). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 122713-22953-01. 27/12/2013 08:46:00, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. 26/12/2013 23:54:11, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff96000064374, 0xffffd00024196d50, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 122613-24156-01. 26/12/2013 11:35:42, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance. . ==== End Of File =========================== Any help would be fantastic as I have quite a bit of work to do on it over this christmas period! Many thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.