Jump to content

Recommended Posts

Hi,

I have managed to get a virus after my brother tried to instal this file on my laptop - a very thoughtful christmas present. I have seen that this issue has been resolved before on this site but the steps can vary from pc to pc. I have run mbam and here is the log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.12.27.03

Windows 8 x64 NTFS

Internet Explorer 11.0.9600.16476

Ben :: BEN-PC [administrator]

27/12/2013 10:02:50

mbam-log-2013-12-27 (10-02-50).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 247151

Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Users\Ben\AppData\Roaming\verison.dll (Trojan.Agent.ED) -> Delete on reboot.

C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.

C:\Users\Ben\AppData\Local\Temp\fzjtuhlh.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.

(end)

The problem is not resolved so here are the logs from dds.scr. I have pasted both as I dont know how to attach files ffrm my phone.

Dds

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16384 BrowserJavaVersion: 10.45.2

Run by Ben at 10:24:40 on 2013-12-27

Microsoft Windows 8.1 Pro 6.3.9600.0.1252.44.2057.18.5598.4439 [GMT 0:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\atiesrxx.exe

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\atieclxx.exe

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\WINDOWS\system32\svchost.exe -k apphost

C:\WINDOWS\system32\AdminService.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

C:\WINDOWS\system32\mqsvc.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe

C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k iissvcs

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\taskeng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRServer.exe

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRFeature.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Windows\System32\skydrive.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\regsvr32.exe

C:\WINDOWS\SysWOW64\regsvr32.exe

C:\WINDOWS\SysWOW64\runonce.exe

C:\WINDOWS\SysWOW64\runonce.exe

C:\WINDOWS\SysWOW64\WerFault.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\WINDOWS\SysWOW64\WerFault.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Windows Defender\MpCmdRun.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [spotify Web Helper] "C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [YpccPack] regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [Conime] C:\WINDOWS\System32\conime.exe

mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E}\2656C6B696E6E2536616 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{A0041FB7-6244-4017-BC16-95B3640D511E}\2656C6B696E6E2536616F5548545 : DHCPNameServer = 192.168.2.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall

x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U

.

============= SERVICES / DRIVERS ===============

.

R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2012-3-19 32896]

R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-16 39768]

R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]

R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\WINDOWS\System32\drivers\SABI.sys [2012-5-28 13824]

R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2013-9-26 239616]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]

R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

R2 AtherosSvc;AtherosSvc;C:\WINDOWS\System32\AdminService.exe [2012-8-29 208384]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-2-18 395640]

R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R2 SplashtopRemoteService;Splashtop Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-9-2 790368]

R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdW76.sys [2012-2-23 95760]

R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2012-8-29 565760]

R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-8-22 224768]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2013-10-28 107288]

R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]

R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]

R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-8-22 591360]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2013-10-28 204568]

R3 sthid;Splashtop Virtual Hid;C:\WINDOWS\System32\drivers\sthid.sys [2013-7-16 21216]

R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2012-5-28 56448]

R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256]

R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872]

R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]

S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2011-12-12 82048]

S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2011-12-12 42624]

S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]

S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]

S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]

S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]

S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]

S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2013-11-14 111616]

S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbldfltr.sys [2013-9-30 22272]

S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]

S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]

S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]

S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2012-5-28 314472]

S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]

S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-16 146776]

S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]

S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-17 57176]

S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-9-30 129536]

S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]

S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2013-8-22 37768]

S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]

S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]

S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2013-8-22 23040]

S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-12-27 09:37:43 -------- d-----w- C:\Users\Ben\AppData\Roaming\Malwarebytes

2013-12-27 09:37:28 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-12-27 09:37:28 -------- d-----w- C:\ProgramData\Malwarebytes

2013-12-27 09:37:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-27 09:35:39 -------- d-----w- C:\WINDOWS\pss

2013-12-26 20:49:08 -------- d-----w- C:\Users\Ben\AppData\Local\YpccPack

2013-12-26 20:48:46 82919 ----a-w- C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmpC5AA.exe

2013-12-26 20:32:37 2179072 ----a-w- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll

2013-12-26 10:53:19 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F9BEA580-4FCE-41A1-A448-9A60BE960A23}\mpengine.dll

2013-12-26 04:36:58 10315576 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-12-20 02:30:03 232112 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10228.bin

2013-12-17 23:41:12 23492992 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-12-17 23:41:11 22808656 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-12-17 23:34:17 568832 ----a-w- C:\WINDOWS\System32\SkyDrive.exe

2013-12-17 23:34:17 4105728 ----a-w- C:\WINDOWS\System32\SyncEngine.dll

2013-12-17 23:34:17 393216 ----a-w- C:\WINDOWS\System32\WMPhoto.dll

2013-12-17 23:34:17 348160 ----a-w- C:\WINDOWS\SysWow64\WMPhoto.dll

2013-12-17 23:32:23 615936 ----a-w- C:\WINDOWS\System32\MDMAgent.exe

2013-12-17 23:32:23 414720 ----a-w- C:\WINDOWS\System32\wbem\MDMSettingsProv.dll

2013-12-17 23:32:23 287744 ----a-w- C:\WINDOWS\System32\mdmregistration.dll

2013-12-17 23:32:22 240128 ----a-w- C:\WINDOWS\SysWow64\mdmregistration.dll

2013-12-17 23:32:22 156672 ----a-w- C:\WINDOWS\System32\wbem\MDMAppProv.dll

2013-12-13 10:23:27 75360 ----a-w- C:\WINDOWS\System32\imagehlp.dll

2013-12-13 10:22:59 4191744 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-12-06 16:52:10 965000 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFF783FD-B110-4C43-809D-7B39C28901DD}\gapaengine.dll

.

==================== Find3M ====================

.

2013-12-04 00:05:48 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-12-04 00:05:48 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-11-26 08:35:02 5769216 ----a-w- C:\WINDOWS\System32\jscript9.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\WINDOWS\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2013-11-19 10:30:34 267936 ------w- C:\WINDOWS\System32\MpSigStub.exe

2013-11-13 23:52:34 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2013-11-13 23:52:30 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2013-11-11 23:41:31 189952 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-11-11 23:40:06 249856 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-11-11 23:27:10 701440 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll

2013-11-11 23:24:12 840704 ----a-w- C:\WINDOWS\System32\WSShared.dll

2013-11-11 02:48:41 39768 -c--a-w- C:\WINDOWS\System32\drivers\intelpep.sys

2013-11-09 11:55:11 325464 -c--a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS

2013-11-09 06:55:17 303104 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcGenral.dll

2013-11-09 06:37:45 1756160 ----a-w- C:\WINDOWS\System32\WMPDMC.exe

2013-11-09 06:13:07 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2013-11-09 06:05:53 2415104 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll

2013-11-09 05:56:15 1391104 ----a-w- C:\WINDOWS\SysWow64\WMPDMC.exe

2013-11-08 10:26:23 358896 ----a-w- C:\WINDOWS\System32\dcomp.dll

2013-11-08 05:23:30 449024 ----a-w- C:\WINDOWS\System32\appmgr.dll

2013-11-08 04:43:45 254464 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll

2013-11-08 04:42:52 366080 ----a-w- C:\WINDOWS\SysWow64\appmgr.dll

2013-11-08 04:28:40 13177344 ----a-w- C:\WINDOWS\System32\twinui.dll

2013-11-08 04:26:19 11674624 ----a-w- C:\WINDOWS\SysWow64\twinui.dll

2013-11-08 04:16:46 225792 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll

2013-11-08 04:15:35 198656 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll

2013-11-08 04:07:34 115712 ----a-w- C:\WINDOWS\System32\winbici.dll

2013-11-08 03:41:17 1302528 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll

2013-11-08 03:14:58 922624 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll

2013-11-05 16:20:05 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll

2013-11-05 16:11:46 18577408 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll

2013-11-05 14:19:16 566784 ----a-w- C:\WINDOWS\System32\wpncore.dll

2013-11-05 14:03:43 637952 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe

2013-11-05 13:57:39 479744 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe

2013-11-05 13:33:44 584192 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll

2013-11-05 13:32:04 744448 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll

2013-11-04 17:13:19 382808 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys

2013-11-04 17:13:19 1530200 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys

2013-11-04 13:07:05 1843712 ----a-w- C:\WINDOWS\System32\Display.dll

2013-11-04 11:50:18 2143744 ----a-w- C:\WINDOWS\System32\dwmcore.dll

2013-11-04 10:32:53 2570240 ----a-w- C:\WINDOWS\System32\SettingsHandlers.dll

2013-11-04 02:28:40 1816576 ----a-w- C:\WINDOWS\SysWow64\Display.dll

2013-11-04 01:30:33 1765376 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll

2013-11-01 11:39:53 86872 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys

2013-11-01 06:08:59 747008 ----a-w- C:\WINDOWS\System32\wlidcli.dll

2013-11-01 05:57:11 544768 ----a-w- C:\WINDOWS\SysWow64\wlidcli.dll

2013-10-31 00:58:59 372568 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys

2013-10-31 00:42:16 7399256 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-10-31 00:33:52 1642016 ----a-w- C:\WINDOWS\System32\winload.efi

2013-10-31 00:33:52 1506680 ----a-w- C:\WINDOWS\System32\winload.exe

2013-10-31 00:33:52 1476184 ----a-w- C:\WINDOWS\System32\winresume.efi

2013-10-31 00:33:52 1345536 ----a-w- C:\WINDOWS\System32\winresume.exe

2013-10-30 10:53:45 0 ----a-w- C:\WINDOWS\ativpsrm.bin

2013-10-30 10:47:17 872840 ----a-w- C:\WINDOWS\System32\mfplat.dll

2013-10-30 10:47:17 698232 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll

2013-10-30 10:46:59 977408 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll

2013-10-30 10:46:59 294400 ----a-w- C:\WINDOWS\System32\Windows.Devices.Sensors.dll

2013-10-30 10:46:59 225792 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll

2013-10-30 10:46:59 1286552 ----a-w- C:\WINDOWS\System32\msctf.dll

2013-10-30 10:46:59 1217024 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll

2013-10-30 10:46:59 1018960 ----a-w- C:\WINDOWS\SysWow64\msctf.dll

2013-10-28 01:12:12 204568 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys

2013-10-28 01:12:10 107288 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys

2013-10-26 01:54:32 146776 ----a-w- C:\WINDOWS\System32\drivers\SerCx2.sys

2013-10-24 09:31:11 30208 ----a-w- C:\WINDOWS\System32\CredentialMigrationHandler.dll

2013-10-24 09:12:58 27136 ----a-w- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll

2013-10-23 11:29:02 44936 ----a-w- C:\WINDOWS\System32\wldp.dll

2013-10-23 11:21:01 155480 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys

2013-10-23 11:13:34 171864 ----a-w- C:\WINDOWS\System32\kd_02_8086.dll

2013-10-22 08:18:16 96088 ----a-w- C:\WINDOWS\System32\embeddedapplauncher.exe

2013-10-22 07:55:27 2328872 ----a-w- C:\WINDOWS\explorer.exe

2013-10-22 06:03:47 2065448 ----a-w- C:\WINDOWS\SysWow64\explorer.exe

2013-10-22 05:15:38 558080 ----a-w- C:\WINDOWS\System32\apphelp.dll

2013-10-22 04:04:03 618496 ----a-w- C:\WINDOWS\SysWow64\apphelp.dll

2013-10-22 03:56:17 186880 ----a-w- C:\WINDOWS\System32\WorkFoldersShell.dll

2013-10-22 03:44:06 761856 ----a-w- C:\WINDOWS\System32\WorkfoldersControl.dll

2013-10-22 02:38:12 1362944 ----a-w- C:\WINDOWS\SysWow64\user32.dll

2013-10-22 02:22:39 381952 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll

2013-10-22 02:13:33 1704448 ----a-w- C:\WINDOWS\System32\wucltux.dll

2013-10-22 02:07:57 2617344 ----a-w- C:\WINDOWS\System32\authui.dll

2013-10-22 01:53:47 1584128 ----a-w- C:\WINDOWS\System32\workfolderssvc.dll

2013-10-22 01:47:12 2295808 ----a-w- C:\WINDOWS\SysWow64\authui.dll

2013-10-21 14:16:37 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll

2013-10-19 08:51:07 481392 ----a-w- C:\WINDOWS\System32\mfsvr.dll

2013-10-19 07:14:14 70680 ----a-w- C:\WINDOWS\SysWow64\imagehlp.dll

2013-10-19 07:12:06 380656 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll

2013-10-19 05:37:49 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe

2013-10-19 04:48:38 607744 ----a-w- C:\WINDOWS\System32\comdlg32.dll

2013-10-19 04:03:41 531968 ----a-w- C:\WINDOWS\SysWow64\comdlg32.dll

2013-10-19 03:26:57 1231360 ----a-w- C:\WINDOWS\System32\Windows.Media.dll

2013-10-19 03:14:29 888832 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll

2013-10-17 15:42:33 1373872 ----a-w- C:\WINDOWS\System32\wmpmde.dll

2013-10-17 15:42:31 1399176 ----a-w- C:\WINDOWS\System32\winmde.dll

2013-10-17 14:04:13 1204968 ----a-w- C:\WINDOWS\SysWow64\winmde.dll

2013-10-16 15:58:02 1943536 ----a-w- C:\WINDOWS\System32\crypt32.dll

2013-10-16 13:54:17 1581968 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll

.

============= FINISH: 10:25:53.95 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8.1 Pro

Boot Device: \Device\HarddiskVolume1

Install Date: 30/10/2013 11:36:40

System Uptime: 27/12/2013 10:16:33 (0 hours ago)

.

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NP355V5C-A05UK

Processor: AMD A6-4400M APU with Radeon HD Graphics | P0 | 2700/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 442 GiB total, 109.287 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP8: 07/12/2013 02:21:51 - Scheduled Checkpoint

RP9: 16/12/2013 18:35:52 - Windows Update

RP10: 16/12/2013 18:37:22 - Windows Modules Installer

RP11: 20/12/2013 01:29:31 - Windows Update

.

==== Installed Programs ======================

.

???? ??? Windows Live

???? Windows Live

????? Windows Live

?????? ??????? ?? Windows Live

???????? ?????????? Windows Live

?????????? Windows Live

??????????? ?? Windows Live

Adobe Reader X (10.1.8)

Adobe Shockwave Player 11.6

aioscnnr

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Fuel

AMD Media Foundation Decoders

AMD Steady Video Plug-In

AMD VISION Engine Control Center

Atheros Client Installation Program

刉indows Live Essentials

刉indows Live Mail

刉indows Live Messenger

刉indows Live fotogalerija

C4USelfUpdater

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CDBurnerXP

Counter Strike Source v1.0.0.34

CyberLink Power2Go

CyberLink YouCam

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

E-POP

Easy File Share

Easy Migration

essentials

EveHQ

EVEMon

Fotogalerija Windows Live

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Galer韆 fotogr醘ica de Windows Live

Google Chrome

Google Drive

Google Earth

Google Update Helper

HP Deskjet 3050 J610 series Basic Device Software

HP Deskjet 3050 J610 series Help

HP Update

Java 7 Update 45

Java Auto Updater

Junk Mail filter update

Kodak AIO Printer

KODAK AiO Software

Magic Audio CD Burner

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 4.0 x64 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

Multimedia POP

ocr

OpenAL

Pidgin

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Po歵a Windows Live

PreReq

PrintProjects

Raccolta foto di Windows Live

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

S?????? f?t???af??? t?? Windows Live

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

SISShortcut

SketchUp 2013

SketchUp 8

Skype Click to Call

Skype 6.1

Splashtop Software Updater

Splashtop Streamer

Spotify

swMSM

Synaptics Pointing Device Driver

TeamSpeak 3 Client

TurboCAD Professional 19 64-bit

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

User Guide

VirtualDJ PRO Full

VLC media player 2.0.8

Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )

Windows Live

Windows Live ??

Windows Live ?? ???

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Fot髏醨

Windows Live Foto-galerija

Windows Live fotoattelu galerija

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogal閞ia

Windows Live Fotograf Galerisi

Windows Live Galeria de Fotos

Windows Live Galerija fotografija

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Po歵a

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Par鏰lar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennusty鰇alu

Windows Liven s鋒k鰌osti

Windows Liven valokuvavalikoima

WinRAR 4.20 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

27/12/2013 10:04:00, Error: Service Control Manager [7022] - The Security Center service did not respond on starting.

27/12/2013 10:00:25, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

27/12/2013 09:58:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

27/12/2013 09:58:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

27/12/2013 09:58:36, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:58:36, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:58:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

27/12/2013 09:58:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

27/12/2013 09:58:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

27/12/2013 09:57:45, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error: A device attached to the system is not functioning.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error: A device attached to the system is not functioning.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The Net.Msmq Listener Adapter service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

27/12/2013 09:57:43, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

27/12/2013 09:39:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

27/12/2013 09:39:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "Unavailable" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

27/12/2013 09:39:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}

27/12/2013 09:16:09, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xffffe00002297060, 0xfffff801b4f9c7c0, 0xffffe0000103d010). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 122713-22953-01.

27/12/2013 08:46:00, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

26/12/2013 23:54:11, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff96000064374, 0xffffd00024196d50, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 122613-24156-01.

26/12/2013 11:35:42, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

.

==== End Of File ===========================

Any help would be fantastic as I have quite a bit of work to do on it over this christmas period!

Many thanks

Link to post
Share on other sites

Hello benggarth and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
I would like to help you.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system.  You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

Hi borislav, thanks for the reply. The frst log is as follows:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01

Ran by Ben (administrator) on BEN-PC on 29-12-2013 23:22:17

Running from C:\Users\Ben\Desktop

Windows 8.1 Pro (X64) OS Language: English(UK)

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Atheros Commnucations) C:\Windows\System32\AdminService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe

(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Microsoft Corporation) C:\Windows\System32\regsvr32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe

(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Farbar) C:\Users\Ben\Desktop\FRST64-1.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)

HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe

HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)

HKCU\...\Run: [spotify Web Helper] - C:\Users\Ben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-14] (Spotify Ltd)

HKCU\...\Run: [YpccPack] - regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll <===== ATTENTION

HKU\DefaultAppPool\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com

SearchScopes: HKLM-x32 - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms}

SearchScopes: HKLM-x32 - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms}

SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://search.speedbit.com/search.aspx?s=D1Ga&q={searchTerms}

BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:

=======

CHR DefaultSearchKeyword: google.co.uk

CHR Extension: (Google Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1

CHR Extension: (Google Search) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Skype Click to Call) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1

CHR Extension: (Google Wallet) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0

CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR Extension: (Wolf Toss) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjlncddmdljpioccbmempchonhlifakc\1.1.2.6_0

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-10-30] (Microsoft Corporation)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-30] (Microsoft Corporation)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-10-30] (Microsoft Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [32896 2012-03-19] (Advanced Micro Devices, Inc.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)

S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-10-30] (Microsoft Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)

R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-07-16] (Splashtop Inc.)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

U3 idsvc;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-29 23:22 - 2013-12-29 23:22 - 00011629 _____ C:\Users\Ben\Desktop\FRST.txt

2013-12-29 23:22 - 2013-12-29 23:22 - 00000000 ____D C:\FRST

2013-12-29 23:21 - 2013-12-29 23:09 - 01931302 ____N (Farbar) C:\Users\Ben\Desktop\FRST64-1.exe

2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ___SD C:\32788R22FWJFW

2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ____D C:\WINDOWS\erdnt

2013-12-27 17:33 - 2013-12-27 17:29 - 05158590 ____R (Swearware) C:\Users\Ben\Desktop\ComboFix.exe

2013-12-27 10:27 - 2013-12-27 10:27 - 00004349 _____ C:\Users\Ben\Desktop\attach.zip

2013-12-27 10:26 - 2013-12-27 10:26 - 00014987 _____ C:\Users\Ben\Desktop\attach.txt

2013-12-27 10:26 - 2013-12-27 10:25 - 00025506 _____ C:\Users\Ben\Desktop\dds.txt

2013-12-27 10:18 - 2013-12-27 09:42 - 00688992 ____R (Swearware) C:\Users\Ben\Desktop\dds.com

2013-12-27 09:37 - 2013-12-27 09:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Malwarebytes

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-27 09:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2013-12-27 09:35 - 2013-12-27 09:35 - 00000000 ____D C:\WINDOWS\pss

2013-12-27 09:28 - 2013-12-27 09:26 - 10285040 ____N (Malwarebytes Corporation ) C:\Users\Ben\Desktop\mbam-setup-1.75.0.1300.exe

2013-12-27 09:16 - 2013-12-27 09:16 - 00783552 _____ C:\WINDOWS\Minidump\122713-22953-01.dmp

2013-12-26 23:54 - 2013-12-26 23:54 - 00280856 _____ C:\WINDOWS\Minidump\122613-24156-01.dmp

2013-12-26 20:49 - 2013-12-26 20:49 - 00000000 ____D C:\Users\Ben\AppData\Local\YpccPack

2013-12-26 17:57 - 2013-12-26 20:13 - 00000000 ____D C:\Users\Ben\Downloads\Machete Kills 2013

2013-12-21 21:37 - 2013-12-22 09:10 - 00000000 ____D C:\Users\Ben\Downloads\Homeland Season 3 Complete - ChameE

2013-12-17 23:34 - 2013-11-23 04:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2013-12-17 23:34 - 2013-11-23 04:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2013-12-17 23:34 - 2013-11-23 03:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2013-12-17 23:34 - 2013-11-23 03:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2013-12-17 23:32 - 2013-11-09 06:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2013-12-17 23:32 - 2013-11-09 06:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2013-12-17 23:32 - 2013-11-09 05:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2013-12-16 18:51 - 2013-11-11 23:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-12-16 18:51 - 2013-11-11 23:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-12-16 18:51 - 2013-11-11 23:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-12-16 18:51 - 2013-11-11 23:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-12-16 18:51 - 2013-11-11 02:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2013-12-16 18:51 - 2013-11-09 11:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2013-12-16 18:51 - 2013-11-09 06:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2013-12-16 18:51 - 2013-11-09 05:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2013-12-16 18:51 - 2013-11-08 10:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2013-12-16 18:51 - 2013-11-08 05:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll

2013-12-16 18:51 - 2013-11-08 04:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2013-12-16 18:51 - 2013-11-08 04:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll

2013-12-16 18:51 - 2013-11-08 04:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2013-12-16 18:51 - 2013-11-08 04:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2013-12-16 18:51 - 2013-11-08 04:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2013-12-16 18:51 - 2013-11-08 04:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2013-12-16 18:51 - 2013-11-08 04:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2013-12-16 18:51 - 2013-11-08 03:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2013-12-16 18:51 - 2013-11-08 03:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2013-12-16 18:51 - 2013-11-05 14:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2013-12-16 18:51 - 2013-11-05 14:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2013-12-16 18:51 - 2013-11-05 13:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2013-12-16 18:51 - 2013-11-05 13:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2013-12-16 18:51 - 2013-11-05 13:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2013-12-16 18:51 - 2013-11-04 17:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2013-12-16 18:51 - 2013-11-04 17:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2013-12-16 18:51 - 2013-11-04 13:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2013-12-16 18:51 - 2013-11-04 11:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2013-12-16 18:51 - 2013-11-04 10:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2013-12-16 18:51 - 2013-11-04 02:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2013-12-16 18:51 - 2013-11-04 01:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2013-12-16 18:51 - 2013-11-01 11:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2013-12-16 18:51 - 2013-11-01 06:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll

2013-12-16 18:51 - 2013-11-01 05:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2013-12-16 18:51 - 2013-10-31 00:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2013-12-16 18:51 - 2013-10-31 00:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2013-12-16 18:51 - 2013-10-31 00:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2013-12-16 18:51 - 2013-10-31 00:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2013-12-16 18:51 - 2013-10-31 00:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2013-12-16 18:51 - 2013-10-31 00:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2013-12-16 18:51 - 2013-10-26 01:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys

2013-12-16 18:51 - 2013-10-24 09:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll

2013-12-16 18:51 - 2013-10-24 09:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll

2013-12-16 18:51 - 2013-10-17 11:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2013-12-16 18:51 - 2013-10-17 10:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2013-12-16 18:51 - 2013-10-05 14:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2013-12-16 18:51 - 2013-10-05 14:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2013-12-16 18:51 - 2013-10-05 12:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2013-12-16 18:51 - 2013-10-05 12:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2013-12-13 10:23 - 2013-11-26 11:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2013-12-13 10:23 - 2013-11-26 10:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2013-12-13 10:23 - 2013-11-26 09:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2013-12-13 10:23 - 2013-11-26 08:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2013-12-13 10:23 - 2013-11-26 08:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2013-12-13 10:23 - 2013-11-26 08:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2013-12-13 10:23 - 2013-11-26 08:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2013-12-13 10:23 - 2013-11-26 08:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2013-12-13 10:23 - 2013-11-26 07:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2013-12-13 10:23 - 2013-11-26 07:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2013-12-13 10:23 - 2013-11-26 07:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2013-12-13 10:23 - 2013-11-26 07:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2013-12-13 10:23 - 2013-11-26 06:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2013-12-13 10:23 - 2013-11-26 06:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2013-12-13 10:23 - 2013-11-26 06:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2013-12-13 10:23 - 2013-11-26 06:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2013-12-13 10:23 - 2013-11-26 06:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2013-12-13 10:23 - 2013-10-19 08:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2013-12-13 10:23 - 2013-10-19 07:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2013-12-13 10:23 - 2013-10-15 08:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2013-12-13 10:23 - 2013-10-15 08:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2013-12-13 10:22 - 2013-11-08 07:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2013-12-10 07:54 - 2013-12-10 08:21 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E11 HDTV x264-2HD[ettv]

2013-12-10 07:28 - 2013-12-10 07:37 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E10 HDTV x264-ASAP[ettv]

2013-12-10 06:26 - 2013-12-10 06:26 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk

2013-12-09 22:38 - 2013-12-09 23:38 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E09 HDTV x264-2HD[ettv]

2013-12-09 20:57 - 2013-12-09 22:32 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E08 HDTV x264-2HD[ettv]

2013-12-09 20:17 - 2013-12-09 20:33 - 29290614 _____ C:\Users\Ben\Downloads\DWA-556_drv_revALL_2-11b03_all_en_20120726.zip

2013-12-09 12:59 - 2013-12-27 09:16 - 00000000 ____D C:\WINDOWS\Minidump

2013-12-09 12:59 - 2013-12-09 12:59 - 00782200 _____ C:\WINDOWS\Minidump\120913-22812-01.dmp

2013-12-08 21:11 - 2013-12-09 21:28 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E07 HDTV x264-2HD[ettv]

2013-12-08 19:46 - 2013-12-08 21:05 - 561328195 _____ C:\Users\Ben\Downloads\Sons.of.Anarchy.S06E06.HDTV.x264-2HD.mp4

2013-12-07 15:57 - 2013-12-07 15:57 - 00020968 _____ C:\Users\Ben\Downloads\hoursforplex.aspx

2013-12-01 11:07 - 2013-12-02 00:57 - 00000000 ____D C:\Users\Ben\Downloads\Assassins.Creed.IV.Black.Flag-RELOADED

==================== One Month Modified Files and Folders =======

2013-12-29 23:22 - 2013-12-29 23:22 - 00011629 _____ C:\Users\Ben\Desktop\FRST.txt

2013-12-29 23:22 - 2013-12-29 23:22 - 00000000 ____D C:\FRST

2013-12-29 23:19 - 2013-03-08 18:17 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-12-29 23:17 - 2013-03-10 17:50 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1956592371-2019347335-3144278246-1000

2013-12-29 23:09 - 2013-12-29 23:21 - 01931302 ____N (Farbar) C:\Users\Ben\Desktop\FRST64-1.exe

2013-12-29 23:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\sru

2013-12-29 22:24 - 2012-10-05 13:32 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-29 19:24 - 2012-10-05 13:32 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-29 17:44 - 2013-10-30 11:29 - 01131305 _____ C:\WINDOWS\WindowsUpdate.log

2013-12-28 10:51 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\AppReadiness

2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ___SD C:\32788R22FWJFW

2013-12-27 17:37 - 2013-12-27 17:37 - 00000000 ____D C:\WINDOWS\erdnt

2013-12-27 17:29 - 2013-12-27 17:33 - 05158590 ____R (Swearware) C:\Users\Ben\Desktop\ComboFix.exe

2013-12-27 13:37 - 2013-10-30 11:41 - 00000000 __RDO C:\Users\Ben\SkyDrive

2013-12-27 13:37 - 2013-08-22 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-12-27 13:37 - 2013-03-04 22:28 - 00000000 ____D C:\ProgramData\Kodak

2013-12-27 13:28 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2013-12-27 12:47 - 2013-09-29 20:03 - 00007438 _____ C:\WINDOWS\PFRO.log

2013-12-27 10:27 - 2013-12-27 10:27 - 00004349 _____ C:\Users\Ben\Desktop\attach.zip

2013-12-27 10:26 - 2013-12-27 10:26 - 00014987 _____ C:\Users\Ben\Desktop\attach.txt

2013-12-27 10:25 - 2013-12-27 10:26 - 00025506 _____ C:\Users\Ben\Desktop\dds.txt

2013-12-27 10:11 - 2013-10-30 20:03 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D4124DA-9376-4D4C-96AE-7BE17B72B1B6}

2013-12-27 10:07 - 2013-09-30 04:12 - 00992588 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-12-27 09:42 - 2013-12-27 10:18 - 00688992 ____R (Swearware) C:\Users\Ben\Desktop\dds.com

2013-12-27 09:39 - 2012-10-07 17:16 - 00000000 ____D C:\Users\Ben\AppData\Roaming\uTorrent

2013-12-27 09:37 - 2013-12-27 09:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Malwarebytes

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-12-27 09:37 - 2013-12-27 09:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-27 09:35 - 2013-12-27 09:35 - 00000000 ____D C:\WINDOWS\pss

2013-12-27 09:33 - 2013-10-30 11:03 - 00000000 ____D C:\Users\Ben

2013-12-27 09:26 - 2013-12-27 09:28 - 10285040 ____N (Malwarebytes Corporation ) C:\Users\Ben\Desktop\mbam-setup-1.75.0.1300.exe

2013-12-27 09:16 - 2013-12-27 09:16 - 00783552 _____ C:\WINDOWS\Minidump\122713-22953-01.dmp

2013-12-27 09:16 - 2013-12-09 12:59 - 00000000 ____D C:\WINDOWS\Minidump

2013-12-27 09:15 - 2013-01-15 07:22 - 399341664 _____ C:\WINDOWS\MEMORY.DMP

2013-12-26 23:54 - 2013-12-26 23:54 - 00280856 _____ C:\WINDOWS\Minidump\122613-24156-01.dmp

2013-12-26 20:49 - 2013-12-26 20:49 - 00000000 ____D C:\Users\Ben\AppData\Local\YpccPack

2013-12-26 20:33 - 2012-10-07 10:06 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc

2013-12-26 20:32 - 2012-10-05 13:25 - 00000000 ___RD C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-26 20:13 - 2013-12-26 17:57 - 00000000 ____D C:\Users\Ben\Downloads\Machete Kills 2013

2013-12-26 19:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\NDF

2013-12-24 16:08 - 2013-01-17 10:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client

2013-12-22 09:10 - 2013-12-21 21:37 - 00000000 ____D C:\Users\Ben\Downloads\Homeland Season 3 Complete - ChameE

2013-12-21 23:20 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\rescache

2013-12-20 10:33 - 2013-08-22 14:44 - 00491312 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ___RD C:\WINDOWS\ToastData

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\WinStore

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\en-GB

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\MediaViewer

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\FileManager

2013-12-20 09:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Camera

2013-12-20 08:56 - 2013-10-04 22:36 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Spotify

2013-12-20 01:34 - 2013-08-04 03:01 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-12-20 01:30 - 2012-10-07 13:18 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-12-19 15:51 - 2013-10-04 22:38 - 00000000 ____D C:\Users\Ben\AppData\Local\Spotify

2013-12-16 18:52 - 2012-10-05 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-12-11 19:19 - 2013-10-18 07:11 - 00055808 ___SH C:\Users\Ben\Downloads\Thumbs.db

2013-12-10 08:21 - 2013-12-10 07:54 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E11 HDTV x264-2HD[ettv]

2013-12-10 07:37 - 2013-12-10 07:28 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E10 HDTV x264-ASAP[ettv]

2013-12-10 06:26 - 2013-12-10 06:26 - 00002232 _____ C:\Users\Public\Desktop\Google Earth.lnk

2013-12-10 06:26 - 2012-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Google

2013-12-09 23:38 - 2013-12-09 22:38 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E09 HDTV x264-2HD[ettv]

2013-12-09 22:32 - 2013-12-09 20:57 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E08 HDTV x264-2HD[ettv]

2013-12-09 21:28 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Ben\Downloads\Sons of Anarchy S06E07 HDTV x264-2HD[ettv]

2013-12-09 20:33 - 2013-12-09 20:17 - 29290614 _____ C:\Users\Ben\Downloads\DWA-556_drv_revALL_2-11b03_all_en_20120726.zip

2013-12-09 19:44 - 2013-08-22 14:46 - 00348432 _____ C:\WINDOWS\setupact.log

2013-12-09 12:59 - 2013-12-09 12:59 - 00782200 _____ C:\WINDOWS\Minidump\120913-22812-01.dmp

2013-12-08 21:05 - 2013-12-08 19:46 - 561328195 _____ C:\Users\Ben\Downloads\Sons.of.Anarchy.S06E06.HDTV.x264-2HD.mp4

2013-12-07 15:57 - 2013-12-07 15:57 - 00020968 _____ C:\Users\Ben\Downloads\hoursforplex.aspx

2013-12-04 00:05 - 2013-11-17 11:55 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-12-04 00:05 - 2013-11-17 11:54 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2013-12-02 19:19 - 2012-10-05 13:32 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-02 19:19 - 2012-10-05 13:32 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-02 00:57 - 2013-12-01 11:07 - 00000000 ____D C:\Users\Ben\Downloads\Assassins.Creed.IV.Black.Flag-RELOADED

Some content of TEMP:

====================

C:\Users\Ben\AppData\Local\Temp\htmlayout.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-29 06:19

==================== End Of Log ============================

Link to post
Share on other sites

Here is also the addition log as I am unable to attach it as a file from my phone:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01

Ran by Ben at 2013-12-29 23:23:22

Running from C:\Users\Ben\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“)

„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“)

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Adobe Reader X (10.1.8) (x32 Version: 10.1.8 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.)

aioscnnr (x32 Version: 7.6.13.10 - Your Company Name)

AMD Accelerated Video Transcoding (Version: 12.5.100.20928 - Advanced Micro Devices, Inc.)

AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.)

AMD Catalyst Install Manager (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)

AMD Fuel (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

AMD Media Foundation Decoders (Version: 1.0.70405.0823 - Advanced Micro Devices, Inc.)

AMD Steady Video Plug-In (Version: 2.03.0000 - AMD)

AMD VISION Engine Control Center (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

Atheros Client Installation Program (x32 Version: 9.0 - Atheros)

C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Czech (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Danish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Dutch (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help English (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Finnish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help French (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help German (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Greek (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Hungarian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Italian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Japanese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Korean (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Norwegian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Polish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Portuguese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Russian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Spanish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Swedish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Thai (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

CCC Help Turkish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.)

ccc-utility64 (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.)

CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP)

Counter Strike Source v1.0.0.34 (x32 Version: - )

CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.)

CyberLink YouCam (x32 Version: 3.1.5016 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)

Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)

Easy File Share (x32 Version: 1.3.1 - Samsung Electronics CO., LTD.)

Easy Migration (x32 Version: 1.0 - Samsung Electronics CO., LTD.)

E-POP (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.)

essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company)

EveHQ (x32 Version: - )

EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)

Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)

Google Earth (x32 Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.)

HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0 - Hewlett-Packard Co.)

HP Deskjet 3050 J610 series Help (x32 Version: 140.0.63.63 - Hewlett Packard)

HP Update (x32 Version: 5.002.006.003 - Hewlett-Packard)

Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company)

KODAK AiO Software (x32 Version: 7.7.4.0 - Eastman Kodak Company)

Magic Audio CD Burner (x32 Version: 1.4 - Magic Audio Tools)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)

Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)

Multimedia POP (x32 Version: 1.2 - Samsung Electronics CO., LTD.)

ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company)

OpenAL (x32 Version: - )

Pidgin (x32 Version: 2.10.7 - )

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company)

PrintProjects (x32 Version: 1.0.0.9282 - RocketLife Inc.)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Realtek Ethernet Controller Driver (x32 Version: 7.54.309.2012 - Realtek)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6602 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.39025 - Realtek Semiconductor Corp.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft)

SISShortcut (x32 Version: 1.0.0.3 - Samsung Electronics Co., LTD)

SketchUp 2013 (x32 Version: 13.0.3689 - Trimble Navigation Limited)

SketchUp 8 (x32 Version: 3.0.15158 - Trimble Navigation Limited)

Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)

Splashtop Software Updater (x32 Version: 1.5.6.14 - Splashtop Inc.)

Splashtop Streamer (x32 Version: 2.4.5.2 - Splashtop Inc.)

Spotify (HKCU Version: 0.9.4.185.g7545a404 - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc)

Synaptics Pointing Device Driver (Version: 16.1.1.0 - Synaptics Incorporated)

TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)

TurboCAD Professional 19 64-bit (Version: 19.1.323 - IMSIDesign)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)

User Guide (x32 Version: 1.2 - Samsung Electronics CO., LTD.)

VirtualDJ PRO Full (x32 Version: 7.0.5 - Atomix Productions)

VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)

Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (Version: 03/07/2012 - GoPro)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation)

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт)

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live 程式集 (x32 Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

WinRAR 4.20 (64-bit) (Version: 4.20.0 - win.rar GmbH)

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт)

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

==================== Restore Points =========================

07-12-2013 02:21:51 Scheduled Checkpoint

16-12-2013 18:35:52 Windows Update

16-12-2013 18:37:22 Windows Modules Installer

20-12-2013 01:29:31 Windows Update

27-12-2013 14:01:37 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {16A7A337-9C43-4073-971E-8C2D29A45DA0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {19F3886F-0175-449A-B10D-956AC922D83B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2636A10B-AC34-43CC-9A30-3D9034238798} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {28F9F12B-4B4C-4689-8E7D-866C7CF5CF82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-08] (Adobe Systems Incorporated)

Task: {2B623895-1B5F-43A8-A0DA-141406DA0764} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {35A8C8CE-5238-46D0-92AE-A478407404D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

Task: {383B8BF8-17AA-4DFA-9062-08057C715D19} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {3CB83C54-2830-410D-8190-D41AB9832D3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)

Task: {3EC4CD09-DD9A-4BAA-82D2-914F251EE0AD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {48F81DB5-EC10-4A6B-BE09-DCCAD6B1C8CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {4ADC4224-D9B7-45E7-9ABC-45A905866E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)

Task: {605A203B-B09F-4F3A-BC99-CEC1F96F7473} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6CE15548-9C97-4BDF-A047-B3066CC29266} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {785E3F7B-9D89-45A4-8321-B4F3DA02765D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)

Task: {78A07F7F-0CC9-4DF9-83CB-71022C93F043} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {79EEA6BB-C3A0-4F32-9CCC-3C09B24D29D7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {7C9E02C9-8446-4513-BC15-07F1D1DF1AB8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {9AC0B112-6321-488D-A0A6-D46045A49E7D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-20] (Microsoft Corporation)

Task: {9C96B4F3-5F17-49C7-855C-B848A422675E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {A24913FB-9A2C-4FB2-A55D-39ED8CFE6766} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {AA444B90-2431-4635-A243-EFA02CA82065} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {ABFAA607-A974-45E4-91AE-EBC7A648EFF7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {BD6B9EBF-2C72-4919-9419-813C70ABA420} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {C709435D-7FCB-4964-A54C-7BE55201ECC2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {CD082071-6273-423C-B59F-9332FC8E8FA5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D6432590-21D4-4E1D-8D66-1B956D6ECA36} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {DD0051B0-E7CB-4949-8204-F297571D5E43} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {FA74FBAF-921B-495B-B346-3217211AD6F3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {FF82CAED-6205-4494-B7CC-6B112182C2EA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-26 20:32 - 2013-12-26 20:32 - 02492416 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2013-11-02 05:40 - 2013-11-02 05:40 - 05179392 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\1a4edd280e2cfb782141cf02237ae00c\Windows.UI.Xaml.ni.dll

2013-11-02 05:40 - 2013-11-02 05:40 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\0ff25bd7c20be35c2e915bb82db13b72\Windows.UI.ni.dll

2013-12-26 20:49 - 2013-12-26 20:49 - 00023040 _____ () C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

AlternateDataStreams: C:\ProgramData\Temp:73D40B90

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

AlternateDataStreams: C:\Users\Ben\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (12/29/2013 11:17:40 PM) (Source: Application Error) (User: )

Description: Faulting application name: WerFault.exe, version: 6.3.9600.16397, time stamp: 0x522b1428

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0x1264

Faulting application start time: 0xWerFault.exe0

Faulting application path: WerFault.exe1

Faulting module path: WerFault.exe2

Report ID: WerFault.exe3

Faulting package full name: WerFault.exe4

Faulting package-relative application ID: WerFault.exe5

Error: (12/29/2013 11:17:40 PM) (Source: Application Error) (User: )

Description: Faulting application name: NGenTask.exe, version: 4.0.30319.33440, time stamp: 0x52003c78

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0x4e0

Faulting application start time: 0xNGenTask.exe0

Faulting application path: NGenTask.exe1

Faulting module path: NGenTask.exe2

Report ID: NGenTask.exe3

Faulting package full name: NGenTask.exe4

Faulting package-relative application ID: NGenTask.exe5

Error: (12/29/2013 11:17:40 PM) (Source: .NET Runtime) (User: )

Description: Application: NGenTask.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/29/2013 06:03:17 PM) (Source: Application Error) (User: )

Description: Faulting application name: WerFault.exe, version: 6.3.9600.16397, time stamp: 0x522b1428

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0xc24

Faulting application start time: 0xWerFault.exe0

Faulting application path: WerFault.exe1

Faulting module path: WerFault.exe2

Report ID: WerFault.exe3

Faulting package full name: WerFault.exe4

Faulting package-relative application ID: WerFault.exe5

Error: (12/29/2013 06:03:16 PM) (Source: Application Error) (User: )

Description: Faulting application name: KodakAiOUpdater.exe, version: 7.7.4.0, time stamp: 0x51218f7f

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0xffc

Faulting application start time: 0xKodakAiOUpdater.exe0

Faulting application path: KodakAiOUpdater.exe1

Faulting module path: KodakAiOUpdater.exe2

Report ID: KodakAiOUpdater.exe3

Faulting package full name: KodakAiOUpdater.exe4

Faulting package-relative application ID: KodakAiOUpdater.exe5

Error: (12/29/2013 06:03:16 PM) (Source: .NET Runtime) (User: )

Description: Application: KodakAiOUpdater.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/28/2013 10:58:27 PM) (Source: Application Error) (User: )

Description: Faulting application name: NGenTask.exe, version: 4.0.30319.33440, time stamp: 0x52003c78

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0x144

Faulting application start time: 0xNGenTask.exe0

Faulting application path: NGenTask.exe1

Faulting module path: NGenTask.exe2

Report ID: NGenTask.exe3

Faulting package full name: NGenTask.exe4

Faulting package-relative application ID: NGenTask.exe5

Error: (12/28/2013 10:58:27 PM) (Source: .NET Runtime) (User: )

Description: Application: NGenTask.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/28/2013 10:54:14 PM) (Source: Application Error) (User: )

Description: Faulting application name: vlc.exe, version: 2.0.8.0, time stamp: 0x51f83c55

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc000041d

Fault offset: 0x0001888a

Faulting process ID: 0xe64

Faulting application start time: 0xvlc.exe0

Faulting application path: vlc.exe1

Faulting module path: vlc.exe2

Report ID: vlc.exe3

Faulting package full name: vlc.exe4

Faulting package-relative application ID: vlc.exe5

Error: (12/28/2013 10:54:10 PM) (Source: Application Error) (User: )

Description: Faulting application name: vlc.exe, version: 2.0.8.0, time stamp: 0x51f83c55

Faulting module name: USER32.dll, version: 6.3.9600.16441, time stamp: 0x5265e50f

Exception code: 0xc0000005

Fault offset: 0x0001888a

Faulting process ID: 0xe64

Faulting application start time: 0xvlc.exe0

Faulting application path: vlc.exe1

Faulting module path: vlc.exe2

Report ID: vlc.exe3

Faulting package full name: vlc.exe4

Faulting package-relative application ID: vlc.exe5

System errors:

=============

Error: (12/29/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/28/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/27/2013 05:37:46 PM) (Source: Service Control Manager) (User: )

Description: The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/27/2013 01:45:32 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/27/2013 01:36:53 PM) (Source: DCOM) (User: BEN-PC)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (12/27/2013 01:36:38 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (12/27/2013 01:36:38 PM) (Source: DCOM) (User: BEN-PC)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/27/2013 01:36:33 PM) (Source: DCOM) (User: BEN-PC)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Microsoft Office Sessions:

=========================

Error: (12/29/2013 11:17:40 PM) (Source: Application Error)(User: )

Description: WerFault.exe6.3.9600.16397522b1428USER32.dll6.3.9600.164415265e50fc00000050001888a126401cf04ec2b99851eC:\WINDOWS\SysWOW64\WerFault.exeC:\WINDOWS\SYSTEM32\USER32.dll695b85fb-70df-11e3-bea8-e8039af9d3f4

Error: (12/29/2013 11:17:40 PM) (Source: Application Error)(User: )

Description: NGenTask.exe4.0.30319.3344052003c78USER32.dll6.3.9600.164415265e50fc00000050001888a4e001cf04ec2b8d9936C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exeC:\WINDOWS\SYSTEM32\USER32.dll6948733f-70df-11e3-bea8-e8039af9d3f4

Error: (12/29/2013 11:17:40 PM) (Source: .NET Runtime)(User: )

Description: Application: NGenTask.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/29/2013 06:03:17 PM) (Source: Application Error)(User: )

Description: WerFault.exe6.3.9600.16397522b1428USER32.dll6.3.9600.164415265e50fc00000050001888ac2401cf04c03fe55fadC:\WINDOWS\SysWOW64\WerFault.exeC:\WINDOWS\SYSTEM32\USER32.dll7da4fe21-70b3-11e3-bea8-e8039af9d3f4

Error: (12/29/2013 06:03:16 PM) (Source: Application Error)(User: )

Description: KodakAiOUpdater.exe7.7.4.051218f7fUSER32.dll6.3.9600.164415265e50fc00000050001888affc01cf04c03fd4aefaC:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exeC:\WINDOWS\SYSTEM32\USER32.dll7d91eb4e-70b3-11e3-bea8-e8039af9d3f4

Error: (12/29/2013 06:03:16 PM) (Source: .NET Runtime)(User: )

Description: Application: KodakAiOUpdater.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/28/2013 10:58:27 PM) (Source: Application Error)(User: )

Description: NGenTask.exe4.0.30319.3344052003c78USER32.dll6.3.9600.164415265e50fc00000050001888a14401cf042051d893b6C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exeC:\WINDOWS\SYSTEM32\USER32.dll8f8ea8e0-7013-11e3-bea8-e8039af9d3f4

Error: (12/28/2013 10:58:27 PM) (Source: .NET Runtime)(User: )

Description: Application: NGenTask.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 767F888A

Stack:

Error: (12/28/2013 10:54:14 PM) (Source: Application Error)(User: )

Description: vlc.exe2.0.8.051f83c55USER32.dll6.3.9600.164415265e50fc000041d0001888ae6401cf041fb8821b53C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\USER32.dllf8d0bb07-7012-11e3-bea8-e8039af9d3f4

Error: (12/28/2013 10:54:10 PM) (Source: Application Error)(User: )

Description: vlc.exe2.0.8.051f83c55USER32.dll6.3.9600.164415265e50fc00000050001888ae6401cf041fb8821b53C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\USER32.dllf63cf563-7012-11e3-bea8-e8039af9d3f4

CodeIntegrity Errors:

===================================

Date: 2013-12-22 04:21:50.854

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:50.694

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:50.584

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:50.414

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:50.369

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:50.319

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:48.189

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:21:47.629

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:19:35.726

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-22 04:19:34.171

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 23%

Total physical RAM: 5597.67 MB

Available physical RAM: 4269.4 MB

Total Pagefile: 11229.68 MB

Available Pagefile: 9546.21 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.46 GB) (Free:108.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 00B6F24B)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=442 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================

Link to post
Share on other sites

Don't attach your log files, just copy/paste them.

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the same directory as FRST.exe and save it as fixlist.txt

 

HKCU\...\Run: [YpccPack] - regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll <===== ATTENTION

2013-12-26 20:49 - 2013-12-26 20:49 - 00000000 ____D C:\Users\Ben\AppData\Local\YpccPack

C:\Users\Ben\AppData\Local\Temp\htmlayout.dll

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log (Fixlog.txt) please post it to your reply.

Reboot Normally.

Link to post
Share on other sites

Hi borislav. here is the fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01

Ran by Ben at 2014-01-02 20:02:29 Run:1

Running from C:\Users\Ben\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

HKCU\...\Run: [YpccPack] - regsvr32.exe C:\Users\Ben\AppData\Local\YpccPack\cncdevTrust.dll <===== ATTENTION

2013-12-26 20:49 - 2013-12-26 20:49 -00000000 ____D C:Users\Ben\AppData\Local\YpccPack

C:\Users\Ben\AppData\Local\Temp\htmlayout.dll

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\YpccPack => Value deleted successfully.

"2013-12-26 20:49 - 2013-12-26 20:49 -00000000 ____D C:Users\Ben\AppData\Local\YpccPack" => File/Directory not found.

C:\Users\Ben\AppData\Local\Temp\htmlayout.dll => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites

Probably a fake codec.

One additional scan please, just to make sure everything is fine now.

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.