Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windowscodecs.dll errors


  • This topic is locked This topic is locked
21 replies to this topic

#1 candooa

candooa

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 02 December 2013 - 07:05 PM

When I restart my laptop upon startup keep receiving error message that say certain programs cannot start due to windowscodecs.dll bad image. This error appears quite a few times upon startup. 
 
Also when i try to run a certain program i receive the error message "c:\windows\system32\windowscodecs.dll is either not designed to run on Windows or it contains an error."
 
I've tried the sfc/sannow in command prompt but receive the message that it found errors but was unable to fix them. 
 
What should i do to fix this problem?

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by Alex Candoo at 10:03:25 on 2013-12-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8103.5616 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?type=888596&fr=spigot-yhp-ie
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://asus.msn.com
uSearchAssistant = hxxp://www.google.com
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
uURLSearchHooks: SearchMe Toolbar: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\8.3\searchmeToolbarIE.dll
uURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: SearchMe Toolbar: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\8.3\searchmeToolbarIE.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ConduitFloatingPlugin_lipgolpfajiadodbcbljdpmbmbdmfcil] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\ALEXCA~1\AppData\Local\Temp\CT3306061\plugins\TBVerifier.dll",RunConduitFloatingPlugin lipgolpfajiadodbcbljdpmbmbdmfcil
uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Alex Candoo\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~2.LNK - C:\Windows\SysWOW64\C2MP\TrayMenu.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~1.LNK - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4 - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A0BBBC5F-13CA-49E0-90FE-7C9D73176A9A} : NameServer = 0.0.0.0
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664}\05B405 : DHCPNameServer = 192.168.1.1 8.8.8.8 10.1.10.1
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664}\5436F6E6F6C6F646765602F4E602759666960223 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664}\A43535 : DHCPNameServer = 10.1.10.1 192.168.1.1
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664}\B4440275962756C6563737 : DHCPNameServer = 199.66.141.51 199.66.140.50
TCP: Interfaces\{AAFE0469-7280-4341-B28C-8CFA9B1C0664}\E464340224 : DHCPNameServer = 10.1.10.1 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Deal Slider BHO: {E4607B39-174A-44BA-AB08-8892366ECA13} - LocalServer32 - <no file>
x64-Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 assd;assd;C:\Windows\System32\drivers\assd.sys [2011-8-18 27264]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-11 283200]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-11-27 807800]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 134944]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]
R3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-3-22 261632]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-3-8 51712]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-3-8 274944]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-7-15 138024]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2011-4-8 177152]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2011-4-8 56320]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-3-22 59904]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-15 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-3-24 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-7-15 76912]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-3-24 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-3-22 261632]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-5-2 44032]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-4-1 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 HPFXFAX;HPFXFAX;C:\Windows\System32\drivers\hpfx64fax.sys [2007-7-16 23064]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-19 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-3-24 34200]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-26 25928]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-2 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2013-8-29 14544]
S4 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-8-18 379520]
S4 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-3-22 1136128]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
S4 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-2-23 134928]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-26 418376]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-26 701512]
S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-6 1153368]
S4 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S4 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-12-02 09:31:36 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0ECBFC47-E221-4181-BA61-E0B9BDF04417}\mpengine.dll
2013-12-02 08:55:22 -------- d-----w- C:\ComboFix
2013-12-01 08:21:00 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-01 05:13:16 -------- d-----w- C:\Program Files (x86)\SearchMe Toolbar
2013-12-01 05:11:40 -------- d-----w- C:\Windows\SysWow64\C2MP
2013-12-01 04:55:09 -------- d-----w- C:\Windows\Migration
2013-12-01 02:14:31 -------- d-----w- C:\Users\Alex Candoo\AppData\Local\SlimWare Utilities Inc
2013-12-01 02:14:02 -------- d-----w- C:\Program Files (x86)\SlimCleaner
2013-12-01 01:54:01 -------- d-----w- C:\Windows\SysWow64\windowscodecs
2013-12-01 01:04:20 -------- d-----w- C:\Users\Alex Candoo\AppData\Local\BenchUpdater
2013-12-01 01:04:19 -------- d-----w- C:\Program Files (x86)\Bench
2013-12-01 00:52:53 -------- d-----w- C:\ProgramData\Conduit
2013-12-01 00:52:49 -------- d-----w- C:\Program Files (x86)\Connect_DLC_5
2013-12-01 00:51:10 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-12-01 00:50:10 -------- d-----w- C:\Users\Alex Candoo\AppData\Roaming\SearchProtect
2013-12-01 00:50:00 -------- d-----w- C:\Users\Alex Candoo\AppData\Local\NativeMessaging
2013-12-01 00:29:05 -------- d-----w- C:\ProgramData\Logs
2013-11-30 08:19:08 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-11-30 08:19:06 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2013-11-21 09:12:32 -------- d-----w- C:\Users\Alex Candoo\jagexcache1
2013-11-21 08:58:29 -------- d-----w- C:\Users\Alex Candoo\jagexcache
2013-11-21 08:57:39 -------- d-----w- C:\ProgramData\Oracle
2013-11-21 08:54:58 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-14 00:32:06 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-11-14 00:32:06 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-11-14 00:32:03 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-14 00:32:00 197120 ----a-w- C:\Windows\System32\credui.dll
2013-11-14 00:32:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-11-14 00:32:00 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-14 00:32:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-11-07 08:44:31 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-11-07 08:44:31 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AA998CF9-B6AB-471E-BB18-C68917473AFC}\gapaengine.dll
.
==================== Find3M ====================
.
2013-12-02 09:22:02 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-27 17:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 17:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-12 05:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2013-09-12 05:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2013-09-12 05:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2013-09-12 05:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-09-12 03:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2013-09-12 03:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2013-09-12 03:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
2013-09-12 03:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
.
============= FINISH: 10:05:11.22 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/30/2011 3:14:59 PM
System Uptime: 12/2/2013 3:10:00 AM (7 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | U46E
Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 33.328 GiB free.
D: is FIXED (NTFS) - 394 GiB total, 394.066 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Canon MX860 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0000
Manufacturer: Canon
Name: Canon MX860 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
Service: StillCam
.
Class GUID:
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID:
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer:
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
Class GUID:
Description: Photosmart Plus B209a-m
Device ID: ROOT\MULTIFUNCTION\0007
Manufacturer:
Name: Photosmart Plus B209a-m
PNP Device ID: ROOT\MULTIFUNCTION\0007
Service:
.
==== System Restore Points ===================
.
RP331: 11/30/2013 1:42:41 PM - Installed Microsoft Camera Codec Pack
RP332: 11/30/2013 4:46:19 PM - Revo Uninstaller's restore point - Dll-Files Fixer
RP333: 11/30/2013 4:50:43 PM - Revo Uninstaller's restore point - Dll-Files Fixer
RP334: 11/30/2013 8:53:03 PM - Windows Update
RP335: 12/1/2013 12:41:03 AM - Revo Uninstaller's restore point - SlimCleaner
RP336: 12/1/2013 12:41:34 AM - Removed SlimCleaner
RP337: 12/1/2013 1:04:42 AM - Revo Uninstaller's restore point - Free Window Registry Repair
RP338: 12/1/2013 10:50:25 PM - Revo Uninstaller's restore point - PunkBuster Services
RP339: 12/1/2013 11:12:30 PM - Revo Uninstaller's restore point - Uplay
RP340: 12/2/2013 1:14:52 AM - Restore Operation
.
==== Installed Programs ======================
.
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
4660_4680_Help
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Alcor Micro USB Card Reader
ALTools Update
ALZip 8.51
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Secure Delete
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS U Series ScreenSaver
ASUS Virtual Camera
ASUS WebStorage
AsusVibe2.0
ATK Package
Audacity 1.3.13 (Unicode)
Belvedere 0.7.1
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Canon MX860 series MP Drivers
CCleaner
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Counter-Strike: Global Offensive
Counter-Strike: Global Offensive - SDK
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Destinations
DeviceDiscovery
Dexpot
DocMgr
DocProc
ETDWare PS/2-X64 8.0.5.0_WHQL
Evernote v. 4.6.2
f.lux
Far Cry® 3
Far Cry® 3 Blood Dragon
Fast Boot
Fax
ffdshow [rev 2527] [2008-12-19]
FL Studio 9
Fresco Logic USB3.0 Host Controller
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
GIMP 2.8.6
Google Chrome
Google Drive
Google Earth Plug-in
Google Update Helper
GPBaseService2
Hardcore
HP Customer Participation Program 14.0
HP Document Manager 2.0
HP Imaging Device Functions 14.0
HP OfficeJet J4600 All-In-One Series
HP Photosmart Premium C309g-m All-in-One Driver 14.0 Rel. 6
HP Smart Web Printing 4.60
HP Solution Center 14.0
HPProductAssistant
HPSSupply
IL Download Manager
Intel PROSet Wireless
Intel® Control Center
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Turbo Boost Technology Monitor
Intel® WiDi
Intel® Wireless Display
IObit Apps Toolbar v7.6
iTunes
J4680
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
LG Verizon United Drivers
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Memeo AutoSync
Memeo Instant Backup
Mesh Runtime
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2013
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Project Professional 2010
Microsoft Publisher MUI (English) 2013
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server PowerPivot for Excel (64-bit)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Word MUI (English) 2013
Mozilla Thunderbird 14.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Music Manager
Network64
Nuance PDF Reader
NVIDIA PhysX
OCR Software by I.R.I.S. 14.0
OpenAL
Outils de vérification linguistique 2013 de Microsoft Office - Français
Picasa 3
PoiZone
Portal
Portal 2
ProductContext
PS_AIO_06_C309g-m_SW_Min
QuickTime
Razer Game Booster
Realtek High Definition Audio Driver
Revo Uninstaller 1.94
Sawer
Scan
SceneSwitch
Seagate Dashboard
SearchMe Toolbar v8.3
Secure Download Manager
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Excel 2013 (KB2827238) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2768005) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2810009) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2817623) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
Security Update for Microsoft Outlook 2013 (KB2837618) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Shop for HP Supplies
Skype Click to Call
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Sonic Focus
Source SDK Base 2007
Spotify
Spybot - Search & Destroy
Status
Steam
syncables desktop SE
Team Fortress 2
TI Connect 1.6
TI StudyCards Creator
Toolbox
Toxic Biohazard
TrayApp
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2825630) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837643) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837649) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2837642) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837630) 64-Bit Edition
Uplay
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.5
Vuze
Vuze Remote Toolbar
WebReg
Windows 7 Codec Pack 4.0.8
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinFlash
WinSCP 4.3.5
Wireless Console 3
WModem Driver Installer
WPF Toolkit February 2010 (Version 3.5.50211.1)
XML Marker version 2.1
Yontoo Layers Runtime 1.10.01
.
==== Event Viewer Messages From Past Week ========
.
12/2/2013 9:52:49 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
12/2/2013 12:50:08 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
12/2/2013 12:50:08 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
12/2/2013 1:16:01 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.990.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/2/2013 1:16:01 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.990.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/2/2013 1:06:26 AM, Error: Service Control Manager [7034] - The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).
11/30/2013 9:13:38 PM, Error: Microsoft Antimalware [1005] - Microsoft Antimalware scan has encountered an error and terminated. Scan ID: {08FD62C2-7A9A-41AC-B951-3202380F7507} Scan Type: Antimalware Scan Parameters: Quick Scan User: AlexCandoo-PC\Alex Candoo Error Code: 0x8050800d Error description: Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
11/30/2013 2:34:20 AM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.
11/30/2013 2:34:20 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/30/2013 2:32:39 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/30/2013 2:32:39 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 09 December 2013 - 05:01 PM.
Moved from Win 7 to Malware Removal Logs - Hamluis


BC AdBot (Login to Remove)

 


#2 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 04 December 2013 - 12:13 AM

 .


Edited by candooa, 04 December 2013 - 12:45 AM.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,729 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:20 PM

Posted 07 December 2013 - 07:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/516156 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 09 December 2013 - 05:02 PM

Greetings candooa and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 09 December 2013 - 05:36 PM

Greetings and thanks again for your patience.

Can you tell me when this issue first surfaced?

Please consider and do this.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Obtaining Windows Update Log

--------------------
  • Please browse to the following location

C:\Windows\WindowsUpdate.log

  • Zip the file and attach it to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • When did this start?
  • AdwCleaner log
  • Junkware log
  • Zipped and attached Windows Update log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#6 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 09 December 2013 - 10:08 PM

Hey Gary thanks for your time I appreciate it.

 

I have been aware of the problem for about 3 weeks but cannot be certain when it originated because it occurs with programs i have not used in a while or have had off in the startup of windows.

 

I have completed the scans that you have requested and am posting the logs that you want.

 

Thanks again.

 

Adwcleaner log is as follows:

 

# AdwCleaner v3.014 - Report created 09/12/2013 at 17:51:43
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Alex Candoo - ALEXCANDOO-PC
# Running from : C:\Users\Alex Candoo\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\SaveValet
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Deleted : C:\Program Files (x86)\Vuze
Folder Deleted : C:\Program Files (x86)\Connect_DLC_5
Folder Deleted : C:\Users\Alex Candoo\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Alex Candoo\AppData\Local\Zoom_Downloader
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Alex Candoo\AppData\LocalLow\Connect_DLC_5
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Alex Candoo\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDC49246-598A-4A63-A367-04CE48D70A24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{292F3236-E57F-4E16-B44D-6BA8A8A79D99}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47EF6243-2A33-4D82-B1E4-759D011333A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5207E46-68C7-4484-AAD6-6649E9D5F065}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\Connect_DLC_5
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [13654 octets] - [09/12/2013 17:48:22]
AdwCleaner[S0].txt - [12416 octets] - [09/12/2013 17:51:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12477 octets] ##########
 
 
The Junkware Removal Tool Log is as Follows:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Alex Candoo on Mon 12/09/2013 at 18:25:18.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011431152}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_0908-d119e081_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_0908-d119e081_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller-Adknowledge_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller-Adknowledge_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011431152}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_0908-d119e081_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_0908-d119e081_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller-Adknowledge_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller-Adknowledge_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0FB6B8EE-B9D5-4037-940B-D7D75109C1C9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A0F7E247-0049-4321-AD94-4F2EA0FC16A2}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Alex Candoo\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{02C75FCD-FAAB-4DFB-B661-779D200F7AF6}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{0A1D618F-0443-43E6-8015-8B7728A73760}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{0C5B07B9-E7A5-4506-BA36-143E84F8723F}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{0E295B81-D2E6-43C9-9F61-9ED657C8E1DF}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{107844BA-E0FA-43C9-8E43-5470862EBF01}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{14F57544-532E-4A78-B0BE-332ED0FD0463}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{18127BFE-49B6-488F-9FB3-37586BAEA4AC}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{1A030F4A-7A66-41B7-A331-7BB0A3DAB420}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{1C6DDF96-5095-47F2-824A-1A8CEBCEDC4B}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{25A10545-E82A-4F25-B6D7-31A0D686C256}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{3A7DCAED-C497-4228-ADE5-A076964723C0}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{3CF0C2F5-5CC5-40FA-BB1D-7EB4AF7BD4BB}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{426512F1-13B0-4C30-8042-A9ABD58DE49A}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{445CCAAB-C776-4596-B41E-D505E08B5CAB}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{4A8DA83C-A0C3-4B95-B951-4CEC53BDA908}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{59652DDF-B097-4617-8165-B1C5B8DBA6DE}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{5BBAA9DC-3414-4EE6-AD19-A733EF049D1F}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{5F18FD18-6253-42C3-B168-460DEF40A3FE}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{5F9C341B-0A64-46C1-8BC8-B5E01636B4F0}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{63F3B1AD-0F94-49F8-95DD-311BF0C822A9}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{77C1DC4C-D2AB-44A6-8ADA-85348B9BED42}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{7C534FFF-555E-4F8E-9C0C-4A3891AF6ACB}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{7DAB9D14-0C52-496D-BF06-150E54911751}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{7F3F00E3-02DA-481F-90FE-973B2EAE39CD}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{80CAC58F-29E0-4EAC-B45C-A461B9299CC8}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{8633D8E1-8164-4A0C-A029-79205908EED1}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{938DC5F2-366C-4243-A4D9-7BE382B47C12}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{995AE73C-AD41-46EF-AA04-9408863DAA75}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{9B58FF9A-9EF6-4A57-8661-71F60D764214}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{9BB341A7-C3EC-41DD-83E0-A86F128C47CC}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{9DA4577F-CF64-4A46-B098-F40202DFF9A5}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{B005797E-A920-4A96-B04C-A7721D47865F}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{B143C0DA-B06B-4865-B6EB-BB5316A9F2A8}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{B17EE67A-958B-457A-B8B4-64390FE79B11}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{B6241ED3-63A6-4FCC-B5D7-DC1232782CD5}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{B91AEEA8-363E-419E-8D7D-62E08A5047E3}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{BAD90D9D-3091-4155-818D-BEB3925E8789}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{BB89514F-CECF-4AA0-9CC8-992DFD4D2F5A}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{BD20B80A-B0E9-4AE7-97FE-BC818DA50B3E}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{BFE5C35E-917B-4709-8D17-11F4E7982ADB}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{C01FE733-6F8E-49D1-A860-2FD1F82E2643}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{C5EE6518-68E2-4FA3-97FE-9311349C1EA1}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{C66A7EF1-E9B1-443B-8A2F-223B093D2CFD}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{CC6664D5-3A0E-480F-BBD8-C3B87C5205E5}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{D322EAB2-A644-446D-AF6F-CB0D04E8A67B}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{E3E657B2-177A-4699-B1D2-59199521138B}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{E4BC6A23-D5BF-4C58-AF9D-1F0C9A4210F1}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{E4D95B83-7957-4B8C-A0B2-84F9A4D4A990}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{EA4A5B1F-BF77-4ADD-B7F7-7FDAC9361096}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{EF7A93F1-AAFB-431C-8BE3-6402F7CB8157}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{F3A23249-D840-445C-95F9-F7FCEF9311DA}
Successfully deleted: [Empty Folder] C:\Users\Alex Candoo\appdata\local\{FEA28137-23F6-43D6-848F-2940DC9ADA02}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/09/2013 at 18:45:31.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
The Windowsupdate.log is zipped and attached. Thank You.
 

Attached File  WindowsUpdate.zip   143.67KB   1 downloads



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 09 December 2013 - 11:35 PM

Please do this so I can check some error information.

===================================================

Event Viewer Critical/Warning Information Windows 8/7/Vista

--------------------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type eventvwr.msc and press Enter
  • Click on the arrow to the left of Windows Logs to expand the category
  • Left click on System
  • On the right hand side of the screen click Filter Current Log...
  • Select Critical and Warning, then click OK
  • Select Save Filtered Log File As...
  • Under File Name: please type System then save it to your desktop
  • Left click on Application and repeat the above steps saving the file as Application
  • Zip the files and notify me when you have successfully uploaded them here
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Event Viewer upload

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#8 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 10 December 2013 - 01:26 AM

Hey Gary,

 

My computer seems to have trouble with the event viewer i get a error message upon opening it that says "MMC has detected an error in a snap-in and will unload it."

 

Then when click OK there is another message saying: 

 

Unhandled Exception in Managed Code Snap-in

FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}

Parameter is not valid.

Exception type:

System.ArgumentException

Exception stack trace:

 at System.Drawing.Image.Clone()
   at System.Windows.Forms.ImageList.CreateBitmap(Original original, Boolean& ownsBitmap)
   at System.Windows.Forms.ImageList.CreateHandle()
   at System.Windows.Forms.ImageList.get_Handle()
   at System.Windows.Forms.ImageListStreamer.GetObjectData(SerializationInfo si, StreamingContext context)
   at System.Runtime.Serialization.ObjectCloneHelper.GetObjectData(Object serObj, String& typeName, String& assemName, String[]& fieldNames, Object[]& fieldValues)
 
 
   at Microsoft.ManagementConsole.Internal.ISnapInPlatform.ProcessCommand(Command command)
   at Microsoft.ManagementConsole.NamespaceSnapInBase.SynchronizeMmc()
   at Microsoft.ManagementConsole.SnapInBase.Initialized()
   at Microsoft.ManagementConsole.Internal.SnapInClient.Microsoft.ManagementConsole.Internal.ISnapInClient.Initialize(ISnapInPlatform snapInPlatform)
   at Microsoft.ManagementConsole.Executive.SnapInInitializationOperation.OnStart()
   at Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Operation operation)
   at Microsoft.ManagementConsole.Executive.StandAloneComponentData..ctor(SnapInRegistrationInfo info, Int32 bookkeepingId)
   at Microsoft.ManagementConsole.Advanced.FrameworkSnapInFactory.Microsoft.ManagementConsole.Advanced.ISnapInFactory.CreateSnapIn(Int32 bookkeepingId, String snapInKey, Object& snapIn)
 
_______________________________________________________________________________________________________________
 
Event viewer will not allow me to do any of the things you are asking of me due to this error.
 
Looking online it seems people have had this error dealing with Microsoft servers or something like that (i didn't read much on it, just a quick Google search), i haven't tried to do anything about it yet because of your rules not to change anything on my computer while you help me.
 
Your help is greatly appreciated.
 
I can attach photos of the warnings that I have saved on my computer if that would help.
 
Thanks.

Edited by candooa, 10 December 2013 - 01:27 AM.


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 10 December 2013 - 10:34 AM

OK, thanks. Please do this.

===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:filefind
windowscodecs.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • SystemLook log
  • Farbar reports (2)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#10 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 10 December 2013 - 01:37 PM

SystemLook.txt:

 

SystemLook 30.07.11 by jpshortstuff
Log created at 10:20 on 10/12/2013 by Alex Candoo
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "windowscodecs.dll"
C:\Windows\System32\WindowsCodecs.dll --a---- 1424384 bytes [17:01 12/06/2013] [06:24 17/04/2013] 3D7BB6DD7A87B3E36E44CA94444247A8
C:\Windows\SysWOW64\WindowsCodecs.dll --a---- 0 bytes [17:01 12/06/2013] [07:02 17/04/2013] D41D8CD98F00B204E9800998ECF8427E
C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll ------- 1010688 bytes [01:54 01/12/2013] [19:38 18/04/2013] 1DB71A41DAEE6B3F8CD0DDA8209FA2D5
C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.1.7600.16385_none_f276a921bacf24a2\WindowsCodecs.dll --a---- 1189888 bytes [23:42 13/07/2009] [01:41 14/07/2009] EA99F234843BBDDA1ABD2767111ADE25
C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.1.7601.17514_none_f4a7bce9b7bda83c\WindowsCodecs.dll --a---- 1190400 bytes [19:49 18/02/2011] [13:27 20/11/2010] 26B73A85855681500BCC25C7CD9FF5B1
C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.16492_none_e5bfce1d42e6e71d\WindowsCodecs.dll --a---- 1424384 bytes [16:30 28/02/2013] [19:15 13/01/2013] BDDF242A49E7B7DC5CCEC291BCE53ACB
C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.18135_none_e6037b4142b3c749\WindowsCodecs.dll --a---- 1424384 bytes [17:01 12/06/2013] [06:24 17/04/2013] 3D7BB6DD7A87B3E36E44CA94444247A8
C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.22305_none_e6ad89b65bb91067\WindowsCodecs.dll --a---- 1424384 bytes [17:01 12/06/2013] [12:54 17/04/2013] 83BD8D78101A5CC4294A401E09C88A30
C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.1.7600.16385_none_96580d9e0271b36c\WindowsCodecs.dll --a---- 1011200 bytes [23:29 13/07/2009] [01:16 14/07/2009] 691C8DFB208227F0CBB5C0897C742ACE
C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.1.7601.17514_none_98892165ff603706\WindowsCodecs.dll --a---- 1010688 bytes [19:49 18/02/2011] [12:21 20/11/2010] 1DB71A41DAEE6B3F8CD0DDA8209FA2D5
C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.16492_none_89a132998a8975e7\WindowsCodecs.dll --a---- 1230336 bytes [16:30 28/02/2013] [19:43 13/01/2013] 3BCECD87AB4E6743BFB45B352AD1A529
C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.18135_none_89e4dfbd8a565613\WindowsCodecs.dll --a---- 0 bytes [17:01 12/06/2013] [07:02 17/04/2013] D41D8CD98F00B204E9800998ECF8427E
C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.1.7601.22305_none_8a8eee32a35b9f31\WindowsCodecs.dll --a---- 0 bytes [17:01 12/06/2013] [12:33 17/04/2013] D41D8CD98F00B204E9800998ECF8427E
 
-= EOF =-
 
_____________________________________________________________________________________________________
 
Farbar Reports:
FRS.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by Alex Candoo (administrator) on ALEXCANDOO-PC on 10-12-2013 10:23:22
Running from C:\Users\Alex Candoo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Windows\AsScrPro.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4156 2010-04-16] ()
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-03] (Valve Corporation)
HKCU\...\Run: [MusicManager] - C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-11] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Alex Candoo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-24] (Google Inc.)
HKCU\...\Run: [F.lux] - C:\Users\Alex Candoo\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
MountPoints2: {1ca3f30d-ef66-11e0-9e7a-14dae9bea3d7} - F:\TL_Bootstrap.exe
MountPoints2: {767d9daa-c765-11e2-ae03-bc7737e80edf} - H:\TL_Bootstrap.exe
MountPoints2: {7f3b3ee7-cf30-11e1-8792-bc7737e80edf} - F:\setup.exe
MountPoints2: {92406589-b990-11e1-8a45-bc7737e80edf} - F:\LaunchU3.exe -a
MountPoints2: {b3d80f41-d8ac-11e2-a546-806e6f6e6963} - G:\TL-Bootstrap.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FLxHCIm] - C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [43008 2011-04-08] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [370 2013-12-09] ()
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2011-08-18] (ASUS)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
Startup: C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=888596&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKCU - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {2517AE80-CEE8-3295-3578-1E081C06B19F} URL = 
SearchScopes: HKCU - {EE298D9A-95DF-475D-880A-A22F2B45508D} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Deal Slider BHO - {E4607B39-174A-44BA-AB08-8892366ECA13} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
 
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A0BBBC5F-13CA-49E0-90FE-7C9D73176A9A}: [NameServer]0.0.0.0
 
Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0
CHR Extension: (Google Docs) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Calendar) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Google Play Movies) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb\2.4_0
CHR Extension: (Google Play Music) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0
CHR Extension: (Seahawks 2013 Theme) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijodinbiainlgfikhdjclidklnlhoeml\1.0_0
CHR Extension: (Clearly) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj\9.3374.689.453_0
CHR Extension: (Google Mail Checker) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Google Play Books) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0
CHR Extension: (Google Wallet) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (Chrome to Phone) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.3_0
CHR Extension: (Red Bull TV) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbalkogcfbpplioohgihkidalmomblfc\1.15_0
CHR Extension: (Gmail) - C:\Users\Alex Candoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Alex Candoo\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
 
==================== Services (Whitelisted) =================
 
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 W32Time; c:\Windows\winsxs\amd64_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_e49c555686fbabd6\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-11] (DT Soft Ltd)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 easytether; system32\DRIVERS\easytthr.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-10 10:23 - 2013-12-10 10:23 - 00022825 _____ C:\Users\Alex Candoo\Desktop\FRST.txt
2013-12-10 10:23 - 2013-12-10 10:23 - 00000000 ____D C:\FRST
2013-12-10 10:22 - 2013-12-10 10:22 - 01927982 _____ (Farbar) C:\Users\Alex Candoo\Desktop\FRST64.exe
2013-12-10 10:15 - 2013-12-10 10:20 - 00005600 _____ C:\Users\Alex Candoo\Desktop\SystemLook.txt
2013-12-10 10:12 - 2013-12-10 10:12 - 00165376 _____ C:\Users\Alex Candoo\Desktop\SystemLook_x64.exe
2013-12-09 18:56 - 2013-12-09 18:56 - 00147116 _____ C:\Users\Alex Candoo\Desktop\WindowsUpdate.zip
2013-12-09 18:56 - 2013-12-09 18:02 - 01305327 _____ C:\Users\Alex Candoo\Desktop\WindowsUpdate.log
2013-12-09 18:45 - 2013-12-09 18:45 - 00008944 _____ C:\Users\Alex Candoo\Desktop\JRT.txt
2013-12-09 18:31 - 2013-12-09 18:31 - 00012658 _____ C:\Users\Alex Candoo\Desktop\AdwCleaner[S0].txt
2013-12-09 18:25 - 2013-12-09 18:25 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 17:47 - 2013-12-09 17:52 - 00000000 ____D C:\AdwCleaner
2013-12-09 17:47 - 2013-12-09 17:47 - 01110034 _____ C:\Users\Alex Candoo\Downloads\AdwCleaner.exe
2013-12-09 17:45 - 2013-12-09 17:45 - 01034531 _____ (Thisisu) C:\Users\Alex Candoo\Desktop\JRT.exe
2013-12-07 15:57 - 2013-12-09 04:03 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Bioshock
2013-12-07 14:59 - 2013-12-07 14:59 - 00001714 _____ C:\Windows\DirectX.log
2013-12-07 14:58 - 2013-05-14 05:18 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp70A.tmp
2013-12-07 14:57 - 2013-12-07 14:57 - 00000000 ____D C:\Users\Alex Candoo\Documents\Bioshock
2013-12-07 14:57 - 2013-12-07 14:57 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BioShock
2013-12-07 14:35 - 2013-12-07 14:57 - 00000000 ____D C:\Program Files (x86)\BioShock
2013-12-06 17:52 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-06 17:52 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-06 17:52 - 2012-08-23 06:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-12-06 17:52 - 2012-08-23 06:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-06 17:52 - 2012-08-23 05:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-06 17:52 - 2012-08-23 05:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-06 17:52 - 2012-08-23 05:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-06 17:52 - 2012-08-23 05:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-06 17:52 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-06 17:52 - 2012-08-23 05:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-06 17:52 - 2012-08-23 05:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-06 17:52 - 2012-08-23 05:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-06 17:52 - 2012-08-23 05:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-06 17:52 - 2012-08-23 04:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-06 17:52 - 2012-08-23 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-06 17:52 - 2012-08-23 03:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-06 17:52 - 2012-08-23 03:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-06 17:52 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-06 17:52 - 2012-08-23 02:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-06 17:52 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-06 17:52 - 2012-08-23 02:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-06 17:52 - 2012-08-23 02:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-06 17:52 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-06 17:52 - 2012-08-23 00:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-06 17:52 - 2012-08-23 00:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-06 02:24 - 2012-05-04 03:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-06 02:24 - 2012-05-04 01:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-06 01:13 - 2013-12-06 01:14 - 00280204 _____ C:\Users\Alex Candoo\Downloads\WindowsUpdateDiagnostic.diagcab
2013-12-06 01:08 - 2013-12-06 01:10 - 94152472 _____ (Microsoft Corporation) C:\Users\Alex Candoo\Downloads\msert.exe
2013-12-06 00:55 - 2013-12-06 00:55 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\KSafe
2013-12-06 00:55 - 2013-12-06 00:55 - 00000000 ____D C:\ProgramData\KSafe
2013-12-06 00:53 - 2013-12-06 01:59 - 00000000 ____D C:\Program Files (x86)\DllTool
2013-12-06 00:07 - 2013-12-06 00:07 - 00000000 ____D C:\ProgramData\GroupPolicy
2013-12-05 23:52 - 2013-12-06 00:05 - 00000104 _____ C:\Windows\avmcoins.log
2013-12-05 23:39 - 2013-12-05 23:39 - 02991591 _____ C:\Users\Alex Candoo\regdll.bat
2013-12-05 23:27 - 2013-12-05 23:30 - 02601207 _____ C:\regdll.txt
2013-12-05 23:24 - 2013-12-05 23:25 - 00000000 _____ C:\re-regdll.bat
2013-12-05 18:56 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-12-05 18:56 - 2013-11-05 18:54 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-12-05 18:56 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-05 18:56 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-12-05 18:56 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-12-05 18:56 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-12-05 18:56 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-12-05 18:56 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-12-05 18:56 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-12-05 18:56 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-12-05 18:56 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-12-05 18:56 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-12-05 18:56 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-12-05 18:56 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-12-05 18:56 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-12-05 18:56 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-12-05 18:55 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-12-05 18:55 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-05 18:55 - 2013-10-09 20:13 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-12-05 18:55 - 2013-10-09 20:12 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-12-05 18:55 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-12-05 18:55 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-12-05 18:55 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-05 18:55 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-05 18:55 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-12-05 18:55 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-12-05 18:52 - 2013-12-05 18:54 - 108956093 _____ (Realtek Semiconductor Corp.) C:\Users\Alex Candoo\Downloads\64bit_Win7_Win8_Win81_R273.exe
2013-12-05 18:20 - 2013-12-09 17:57 - 00000796 _____ C:\Windows\setupact.log
2013-12-05 18:20 - 2013-12-05 18:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-05 17:44 - 2013-12-09 17:57 - 00022366 _____ C:\Windows\PFRO.log
2013-12-05 17:26 - 2013-12-05 17:27 - 00145664 _____ C:\Users\Alex Candoo\Documents\cc_20131205_172655.reg
2013-12-03 21:47 - 2013-12-03 21:47 - 00550371 _____ C:\Users\Alex Candoo\Downloads\Autoruns.zip
2013-12-03 21:10 - 2013-12-03 21:10 - 00025028 _____ C:\Users\Alex Candoo\Downloads\dds.txt
2013-12-02 23:31 - 2013-12-02 23:31 - 00001141 _____ C:\Windows\wininit.ini
2013-12-02 10:33 - 2013-12-02 10:44 - 00001121 _____ C:\Users\Alex Candoo\Desktop\Win32kDiag.txt
2013-12-02 10:05 - 2013-12-02 10:05 - 00025028 _____ C:\Users\Alex Candoo\Desktop\dds.txt
2013-12-02 10:05 - 2013-12-02 10:05 - 00017759 _____ C:\Users\Alex Candoo\Desktop\attach.txt
2013-12-02 00:55 - 2013-12-02 01:20 - 00000000 ____D C:\ComboFix
2013-12-02 00:50 - 2013-12-02 00:52 - 00000000 ____D C:\Qoobox
2013-12-01 22:07 - 2013-12-01 22:11 - 62061024 _____ (Ubisoft) C:\Users\Alex Candoo\Downloads\UplayInstaller.exe
2013-11-30 18:14 - 2013-12-01 00:42 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2013-11-30 18:14 - 2013-11-30 18:14 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\SlimWare Utilities Inc
2013-11-30 18:13 - 2013-11-30 18:13 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-30 17:54 - 2013-11-30 17:54 - 00000000 ____D C:\Windows\SysWOW64\windowscodecs
2013-11-30 17:04 - 2013-12-10 09:58 - 00000356 _____ C:\Windows\Tasks\bench-sys.job
2013-11-30 17:04 - 2013-12-10 09:58 - 00000356 _____ C:\Windows\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000.job
2013-11-30 17:04 - 2013-11-30 17:04 - 00003252 _____ C:\Windows\System32\Tasks\bench-sys
2013-11-30 17:04 - 2013-11-30 17:04 - 00003242 _____ C:\Windows\System32\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000
2013-11-30 17:04 - 2013-11-30 17:04 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\BenchUpdater
2013-11-30 13:33 - 2013-11-30 13:33 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-11-30 11:03 - 2013-11-30 11:03 - 00001321 _____ C:\Users\Alex Candoo\scannow
2013-11-30 02:16 - 2013-12-02 01:20 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-11-30 02:16 - 2013-12-01 22:41 - 00001203 _____ C:\Users\Alex Candoo\Desktop\Uplay.lnk
2013-11-30 00:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-30 00:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-21 01:12 - 2013-11-21 01:12 - 00000051 _____ C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat
2013-11-21 01:12 - 2013-11-21 01:12 - 00000000 ____D C:\Users\Alex Candoo\jagexcache1
2013-11-21 00:58 - 2013-11-26 02:02 - 00000024 _____ C:\Users\Alex Candoo\random.dat
2013-11-21 00:58 - 2013-11-25 23:06 - 00000050 _____ C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat
2013-11-21 00:58 - 2013-11-21 00:58 - 00000000 ____D C:\Users\Alex Candoo\jagexcache
2013-11-21 00:57 - 2013-11-21 00:57 - 00000000 ____D C:\ProgramData\Oracle
2013-11-21 00:55 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-21 00:54 - 2013-11-21 00:54 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-21 00:54 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-21 00:54 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-21 00:54 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-19 03:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-19 03:02 - 2013-11-19 03:02 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 16:32 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:32 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:32 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:32 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:32 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:32 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:32 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:31 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:31 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:31 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:31 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:31 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:31 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:31 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:31 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:31 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:31 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:31 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:31 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:31 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:31 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:31 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:31 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:31 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:31 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:31 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:31 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:31 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:31 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:31 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
 
==================== One Month Modified Files and Folders =======
 
2013-12-10 10:23 - 2013-12-10 10:23 - 00022825 _____ C:\Users\Alex Candoo\Desktop\FRST.txt
2013-12-10 10:23 - 2013-12-10 10:23 - 00000000 ____D C:\FRST
2013-12-10 10:22 - 2013-12-10 10:22 - 01927982 _____ (Farbar) C:\Users\Alex Candoo\Desktop\FRST64.exe
2013-12-10 10:20 - 2013-12-10 10:15 - 00005600 _____ C:\Users\Alex Candoo\Desktop\SystemLook.txt
2013-12-10 10:19 - 2011-04-01 20:36 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 10:13 - 2012-03-24 01:57 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000Core.job
2013-12-10 10:12 - 2013-12-10 10:12 - 00165376 _____ C:\Users\Alex Candoo\Desktop\SystemLook_x64.exe
2013-12-10 10:08 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 10:08 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 10:04 - 2013-02-26 16:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 10:00 - 2012-03-24 01:57 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000UA.job
2013-12-10 09:58 - 2013-11-30 17:04 - 00000356 _____ C:\Windows\Tasks\bench-sys.job
2013-12-10 09:58 - 2013-11-30 17:04 - 00000356 _____ C:\Windows\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000.job
2013-12-10 09:58 - 2013-06-19 01:36 - 01305881 _____ C:\Windows\WindowsUpdate.log
2013-12-09 18:56 - 2013-12-09 18:56 - 00147116 _____ C:\Users\Alex Candoo\Desktop\WindowsUpdate.zip
2013-12-09 18:45 - 2013-12-09 18:45 - 00008944 _____ C:\Users\Alex Candoo\Desktop\JRT.txt
2013-12-09 18:31 - 2013-12-09 18:31 - 00012658 _____ C:\Users\Alex Candoo\Desktop\AdwCleaner[S0].txt
2013-12-09 18:25 - 2013-12-09 18:25 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 18:23 - 2012-08-21 22:33 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-09 18:04 - 2009-07-13 21:13 - 00006880 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 18:02 - 2013-12-09 18:56 - 01305327 _____ C:\Users\Alex Candoo\Desktop\WindowsUpdate.log
2013-12-09 17:58 - 2013-08-29 12:50 - 00006367 _____ C:\autoupdate.log
2013-12-09 17:57 - 2013-12-05 18:20 - 00000796 _____ C:\Windows\setupact.log
2013-12-09 17:57 - 2013-12-05 17:44 - 00022366 _____ C:\Windows\PFRO.log
2013-12-09 17:57 - 2011-09-30 14:15 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-12-09 17:57 - 2011-04-01 20:36 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 17:57 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 17:52 - 2013-12-09 17:47 - 00000000 ____D C:\AdwCleaner
2013-12-09 17:51 - 2012-08-11 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-09 17:51 - 2012-04-06 19:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-09 17:51 - 2012-04-06 19:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-12-09 17:47 - 2013-12-09 17:47 - 01110034 _____ C:\Users\Alex Candoo\Downloads\AdwCleaner.exe
2013-12-09 17:45 - 2013-12-09 17:45 - 01034531 _____ (Thisisu) C:\Users\Alex Candoo\Desktop\JRT.exe
2013-12-09 17:40 - 2013-08-21 19:19 - 00000308 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2013-12-09 04:03 - 2013-12-07 15:57 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Bioshock
2013-12-07 14:59 - 2013-12-07 14:59 - 00001714 _____ C:\Windows\DirectX.log
2013-12-07 14:58 - 2012-11-01 21:30 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-12-07 14:58 - 2012-11-01 21:30 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-12-07 14:58 - 2012-11-01 21:30 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-12-07 14:58 - 2012-11-01 21:30 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-12-07 14:58 - 2012-11-01 21:30 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-07 14:57 - 2013-12-07 14:57 - 00000000 ____D C:\Users\Alex Candoo\Documents\Bioshock
2013-12-07 14:57 - 2013-12-07 14:57 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BioShock
2013-12-07 14:57 - 2013-12-07 14:35 - 00000000 ____D C:\Program Files (x86)\BioShock
2013-12-07 14:33 - 2012-08-11 22:05 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\DAEMON Tools Lite
2013-12-07 14:33 - 2011-11-09 17:54 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Azureus
2013-12-07 06:32 - 2012-03-24 01:57 - 00003918 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000UA
2013-12-07 06:32 - 2012-03-24 01:57 - 00003522 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000Core
2013-12-06 20:05 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-06 18:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-06 17:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-06 17:50 - 2011-08-18 13:55 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-12-06 17:50 - 2011-08-18 13:50 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-06 02:03 - 2011-10-12 22:17 - 00000600 _____ C:\Users\Alex Candoo\AppData\Roaming\winscp.rnd
2013-12-06 01:59 - 2013-12-06 00:53 - 00000000 ____D C:\Program Files (x86)\DllTool
2013-12-06 01:56 - 2012-07-17 14:48 - 00001266 _____ C:\Users\Alex Candoo\Desktop\Revo Uninstaller.lnk
2013-12-06 01:14 - 2013-12-06 01:13 - 00280204 _____ C:\Users\Alex Candoo\Downloads\WindowsUpdateDiagnostic.diagcab
2013-12-06 01:10 - 2013-12-06 01:08 - 94152472 _____ (Microsoft Corporation) C:\Users\Alex Candoo\Downloads\msert.exe
2013-12-06 00:55 - 2013-12-06 00:55 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\KSafe
2013-12-06 00:55 - 2013-12-06 00:55 - 00000000 ____D C:\ProgramData\KSafe
2013-12-06 00:50 - 2013-10-23 21:32 - 00000000 ____D C:\Users\Alex Candoo\Desktop\ATKPackage_Win7_64_Z100023
2013-12-06 00:07 - 2013-12-06 00:07 - 00000000 ____D C:\ProgramData\GroupPolicy
2013-12-06 00:05 - 2013-12-05 23:52 - 00000104 _____ C:\Windows\avmcoins.log
2013-12-06 00:04 - 2011-10-12 21:16 - 00006880 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-05 23:39 - 2013-12-05 23:39 - 02991591 _____ C:\Users\Alex Candoo\regdll.bat
2013-12-05 23:39 - 2011-09-30 14:15 - 00000000 ____D C:\Users\Alex Candoo
2013-12-05 23:30 - 2013-12-05 23:27 - 02601207 _____ C:\regdll.txt
2013-12-05 23:25 - 2013-12-05 23:24 - 00000000 _____ C:\re-regdll.bat
2013-12-05 18:57 - 2013-08-02 08:03 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-05 18:54 - 2013-12-05 18:52 - 108956093 _____ (Realtek Semiconductor Corp.) C:\Users\Alex Candoo\Downloads\64bit_Win7_Win8_Win81_R273.exe
2013-12-05 18:20 - 2013-12-05 18:20 - 00000000 _____ C:\Windows\setuperr.log
2013-12-05 17:27 - 2013-12-05 17:26 - 00145664 _____ C:\Users\Alex Candoo\Documents\cc_20131205_172655.reg
2013-12-05 17:26 - 2012-07-22 21:14 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Powerpoints
2013-12-05 17:26 - 2012-07-22 21:14 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Excel Docs
2013-12-05 17:26 - 2012-07-22 21:13 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Word Docs
2013-12-05 17:26 - 2012-07-22 21:09 - 00000000 ____D C:\Users\Alex Candoo\Downloads\PDFs
2013-12-04 20:19 - 2013-08-21 19:19 - 00000316 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2013-12-03 21:47 - 2013-12-03 21:47 - 00550371 _____ C:\Users\Alex Candoo\Downloads\Autoruns.zip
2013-12-03 21:10 - 2013-12-03 21:10 - 00025028 _____ C:\Users\Alex Candoo\Downloads\dds.txt
2013-12-03 13:14 - 2011-04-01 20:36 - 00003908 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 13:14 - 2011-04-01 20:36 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 23:31 - 2013-12-02 23:31 - 00001141 _____ C:\Windows\wininit.ini
2013-12-02 23:04 - 2013-02-26 16:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 23:04 - 2013-02-26 16:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 23:04 - 2011-11-02 22:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 22:27 - 2011-12-30 23:10 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2013-12-02 21:51 - 2012-10-11 12:34 - 00000000 ____D C:\Windows\pss
2013-12-02 21:51 - 2011-09-30 14:15 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-02 10:44 - 2013-12-02 10:33 - 00001121 _____ C:\Users\Alex Candoo\Desktop\Win32kDiag.txt
2013-12-02 10:05 - 2013-12-02 10:05 - 00025028 _____ C:\Users\Alex Candoo\Desktop\dds.txt
2013-12-02 10:05 - 2013-12-02 10:05 - 00017759 _____ C:\Users\Alex Candoo\Desktop\attach.txt
2013-12-02 01:20 - 2013-12-02 00:55 - 00000000 ____D C:\ComboFix
2013-12-02 01:20 - 2013-11-30 02:16 - 00000000 ____D C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-02 01:20 - 2012-06-07 14:00 - 00000000 ____D C:\FC2-TMP
2013-12-02 01:20 - 2011-08-18 14:02 - 00000000 ____D C:\ProgramData\P4G
2013-12-02 01:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-12-02 01:19 - 2012-12-08 05:54 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-02 01:06 - 2011-10-01 13:42 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\Spotify
2013-12-02 01:05 - 2011-09-30 14:15 - 00000000 ___HD C:\ASUS.DAT
2013-12-02 00:52 - 2013-12-02 00:50 - 00000000 ____D C:\Qoobox
2013-12-02 00:08 - 2012-07-24 19:36 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Other
2013-12-02 00:08 - 2012-07-22 21:12 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Zip files
2013-12-02 00:01 - 2012-12-08 05:54 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\Ubisoft Game Launcher
2013-12-01 22:41 - 2013-11-30 02:16 - 00001203 _____ C:\Users\Alex Candoo\Desktop\Uplay.lnk
2013-12-01 22:11 - 2013-12-01 22:07 - 62061024 _____ (Ubisoft) C:\Users\Alex Candoo\Downloads\UplayInstaller.exe
2013-12-01 00:42 - 2013-11-30 18:14 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2013-11-30 19:49 - 2013-02-09 23:50 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-11-30 18:19 - 2009-07-28 22:03 - 00000000 ____D C:\Windows\Panther
2013-11-30 18:14 - 2013-11-30 18:14 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\SlimWare Utilities Inc
2013-11-30 18:13 - 2013-11-30 18:13 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-30 17:54 - 2013-11-30 17:54 - 00000000 ____D C:\Windows\SysWOW64\windowscodecs
2013-11-30 17:04 - 2013-11-30 17:04 - 00003252 _____ C:\Windows\System32\Tasks\bench-sys
2013-11-30 17:04 - 2013-11-30 17:04 - 00003242 _____ C:\Windows\System32\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000
2013-11-30 17:04 - 2013-11-30 17:04 - 00000000 ____D C:\Users\Alex Candoo\AppData\Local\BenchUpdater
2013-11-30 16:15 - 2012-07-24 19:33 - 00000000 ____D C:\Users\Alex Candoo\Downloads\Applications_installers
2013-11-30 13:35 - 2012-09-05 20:23 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7E9A9F2F-B107-4320-9145-F477D2C6DDB3}
2013-11-30 13:33 - 2013-11-30 13:33 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2013-11-30 11:03 - 2013-11-30 11:03 - 00001321 _____ C:\Users\Alex Candoo\scannow
2013-11-26 02:02 - 2013-11-21 00:58 - 00000024 _____ C:\Users\Alex Candoo\random.dat
2013-11-25 23:06 - 2013-11-21 00:58 - 00000050 _____ C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat
2013-11-21 01:12 - 2013-11-21 01:12 - 00000051 _____ C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat
2013-11-21 01:12 - 2013-11-21 01:12 - 00000000 ____D C:\Users\Alex Candoo\jagexcache1
2013-11-21 00:58 - 2013-11-21 00:58 - 00000000 ____D C:\Users\Alex Candoo\jagexcache
2013-11-21 00:57 - 2013-11-21 00:57 - 00000000 ____D C:\ProgramData\Oracle
2013-11-21 00:54 - 2013-11-21 00:54 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-21 00:54 - 2013-08-01 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-19 23:54 - 2011-09-30 14:15 - 00001415 _____ C:\Users\Alex Candoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-19 23:54 - 2011-08-18 14:03 - 00002988 _____ C:\Windows\system32\AutoRunFilter.ini
2013-11-19 03:02 - 2013-11-19 03:02 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-19 03:01 - 2013-10-17 23:07 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-19 03:00 - 2013-10-17 22:57 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 03:00 - 2013-10-17 22:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-19 02:21 - 2011-10-31 23:16 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-16 03:02 - 2011-09-30 15:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 09:38 - 2009-07-13 18:34 - 00000513 _____ C:\Windows\win.ini
2013-11-14 09:34 - 2013-08-08 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 09:30 - 2011-11-02 22:51 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Files to move or delete:
====================
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat
C:\Users\Alex Candoo\random.dat
C:\Users\Alex Candoo\regdll.bat
 
 
Some content of TEMP:
====================
C:\Users\Alex Candoo\AppData\Local\Temp\i4j2344490949740699010.exe
C:\Users\Alex Candoo\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-30 03:18
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013
Ran by Alex Candoo at 2013-12-10 10:25:13
Running from C:\Users\Alex Candoo\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
4660_4680_Help (x32 Version: 1.00.0000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Alcor Micro USB Card Reader (x32 Version: 1.7.17.25416)
ALTools Update (x32 Version: v11.4.28.1)
ALZip 8.51 (x32 Version: v8.51)
Amazon Kindle (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32)
ASUS AI Recovery (x32 Version: 1.0.14)
ASUS FancyStart (x32 Version: 1.0.8)
ASUS FancyStart (x32 Version: 1.1.1)
ASUS LifeFrame3 (x32 Version: 3.0.21)
ASUS Live Update (x32 Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.43)
ASUS Secure Delete (Version: 1.00.0006)
ASUS SmartLogon (x32 Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0033)
ASUS U Series ScreenSaver (x32 Version: 1.0.0002)
ASUS Virtual Camera (x32 Version: 1.0.21)
ASUS WebStorage (x32 Version: 3.0.84.161)
AsusVibe2.0 (x32 Version: 2.0.12.309)
ATK Package (x32 Version: 1.0.0008)
Audacity 1.3.13 (Unicode) (x32)
Belvedere 0.7.1 (x32 Version: 0.7.1)
Bing Desktop (x32 Version: 1.3.347.0)
BioShock (x32 Version: 1.1)
Bonjour (Version: 3.0.0.10)
bpd_scan (x32 Version: 3.00.0000)
BPDSoftware (x32 Version: 140.0.000.000)
BPDSoftware_Ini (x32 Version: 1.00.0000)
BufferChm (x32 Version: 140.0.213.000)
Canon MX860 series MP Drivers
CCleaner (Version: 4.04)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Counter-Strike: Global Offensive - SDK (x32)
Counter-Strike: Global Offensive (x32)
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink Power2Go (x32 Version: 6.1.3602c)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.4.0315)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 140.0.213.000)
Dexpot (HKCU Version: 1.6.1)
DocMgr (x32 Version: 140.0.65.000)
DocProc (x32 Version: 140.0.100.000)
ETDWare PS/2-X64 8.0.5.0_WHQL (Version: 8.0.5.0)
Evernote v. 4.6.2 (x32 Version: 4.6.2.7927)
f.lux (HKCU)
Far Cry® 3 (x32)
Far Cry® 3 Blood Dragon (x32)
Fast Boot (Version: 1.0.10)
Fax (x32 Version: 140.0.213.000)
ffdshow [rev 2527] [2008-12-19] (x32 Version: 1.0)
FL Studio 9 (x32)
Fresco Logic USB3.0 Host Controller (Version: 3.0.119.1)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (x32 Version: 31.0.1650.63)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.22.3)
GPBaseService2 (x32 Version: 140.0.212.000)
Hardcore (x32)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP OfficeJet J4600 All-In-One Series (Version: 14.0)
HP Photosmart Premium C309g-m All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HPProductAssistant (x32 Version: 140.0.213.000)
HPSSupply (x32 Version: 140.0.212.000)
IL Download Manager (x32)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Processor Graphics (x32 Version: 9.17.10.3347)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 1.0.0.0142)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.1.0.0537)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Intel® WiDi (x32 Version: 2.1.35.0)
Intel® Wireless Display
iTunes (Version: 11.1.1.11)
J4680 (x32 Version: 140.0.000.000)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.214.000)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.30730.0)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Expression Blend 3 SDK (x32 Version: 1.0.1343.0)
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0)
Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.1639.0)
Microsoft Expression Studio 4 (x32 Version: 4.0.20525.0)
Microsoft Expression Web 4 (x32 Version: 4.0.1303.0)
Microsoft Expression Web 4 Service Pack 2 (x32)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Visio 2010 (Version: 14.0.7015.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Project Professional 2010 (Version: 14.0.7015.1000)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (x32 Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server PowerPivot for Excel (64-bit) (Version: 10.51.2500.0)
Microsoft Visio Professional 2010 (Version: 14.0.7015.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Mozilla Thunderbird 14.0 (x86 en-US) (x32 Version: 14.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML4 Parser (x32 Version: 1.0.0)
Music Manager (HKCU)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Nuance PDF Reader (x32 Version: 6.00.0041)
NVIDIA PhysX (x32 Version: 9.09.0814)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
OpenAL (x32)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Picasa 3 (x32 Version: 3.9)
PoiZone (x32)
Portal (x32)
Portal 2 (x32)
ProductContext (x32 Version: 140.0.000.000)
PS_AIO_06_C309g-m_SW_Min (x32 Version: 140.0.690.000)
QuickTime (x32 Version: 7.73.80.64)
Razer Game Booster (x32 Version: 3.7)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Sawer (x32)
Scan (x32 Version: 140.0.80.000)
SceneSwitch (x32 Version: 1.0.6)
Seagate Dashboard (x32 Version: 1.1.0.1421)
Secure Download Manager (x32 Version: 3.1.10)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Shop for HP Supplies (Version: 14.0)
Skype Click to Call (x32 Version: 5.7.8524)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartWebPrinting (x32 Version: 140.0.213.000)
SolutionCenter (x32 Version: 140.0.214.000)
Sonic Focus (x32 Version: 1.0.0.4)
Source SDK Base 2007 (x32)
Spotify (HKCU Version: 0.9.1.53.g876fa9df)
Status (x32 Version: 140.0.256.000)
Steam (x32 Version: 1.0.0.0)
syncables desktop SE (x32 Version: 5.5.746.11492)
Team Fortress 2 (x32)
TI Connect 1.6 (x32 Version: 1.6)
TI StudyCards Creator (x32 Version: 2.1.0.269)
Toolbox (x32 Version: 140.0.428.000)
Toxic Biohazard (x32)
TrayApp (x32 Version: 140.0.213.000)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2825630) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837643) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837649) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2837642) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837630) 64-Bit Edition
Uplay (x32 Version: 4.0)
VLC media player 2.0.5 (x32 Version: 2.0.5)
WebReg (x32 Version: 140.0.213.017)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinFlash (x32 Version: 2.31.1)
Wireless Console 3 (x32 Version: 3.0.21)
WModem Driver Installer (x32 Version: 2.0.6.13)
WPF Toolkit February 2010 (Version 3.5.50211.1) (x32 Version: 3.5.50211.1)
XML Marker version 2.1 (x32 Version: 2.1)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (x32 Version: 15.4.5722.2)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)
 
==================== Restore Points  =========================
 
03-12-2013 02:36:14 Revo Uninstaller's restore point - IObit Apps Toolbar v7.6
03-12-2013 05:49:08 Revo Uninstaller's restore point - IObit Apps Toolbar v7.6
03-12-2013 06:13:31 Revo Uninstaller's restore point - SearchMe Toolbar v8.3
03-12-2013 06:13:51 Removed SearchMe Toolbar v8.3.
03-12-2013 06:22:50 Revo Uninstaller's restore point - Windows 7 Codec Pack 4.0.8
03-12-2013 06:24:03 Revo Uninstaller's restore point - Visual Studio 2008 x64 Redistributables
03-12-2013 06:26:41 Revo Uninstaller's restore point - LG Verizon United Drivers
03-12-2013 06:27:06 Removed LG Verizon United Drivers.
03-12-2013 06:33:22 Revo Uninstaller's restore point - IObit Apps Toolbar v7.6
03-12-2013 06:33:57 Revo Uninstaller's restore point - IObit Apps Toolbar v7.6
04-12-2013 09:50:42 Windows Update
06-12-2013 09:51:44 Installed Microsoft Fix it 50123
06-12-2013 09:57:02 Revo Uninstaller's restore point - DllTool 1.0
06-12-2013 10:01:49 Revo Uninstaller's restore point - WinSCP 4.3.5
06-12-2013 10:06:35 Revo Uninstaller's restore point - IObit Apps Toolbar v7.6
06-12-2013 10:16:08 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
06-12-2013 10:25:18 Windows Update
07-12-2013 01:50:38 Windows Modules Installer
07-12-2013 01:51:42 Windows Modules Installer
07-12-2013 22:58:28 Installed DirectX
10-12-2013 01:49:55 Revo Uninstaller's restore point - Spybot - Search & Destroy
10-12-2013 02:02:58 Revo Uninstaller's restore point - Vuze
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0979C365-5351-4D18-9444-FB9986B6489B} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {0E170835-29A9-44CF-B9A1-94573D708D3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {0EAC07B9-A7E2-45EA-B978-FA28A70AFCBF} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-11] ()
Task: {103F38DB-02F9-4522-874E-FD1BC05D2FFB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS)
Task: {14B52DF6-441D-46BE-8DD1-AED1E7F1408A} - System32\Tasks\avast! Emergency Update
Task: {16C7B798-3E6E-45DB-B42E-27E9CA358874} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {2D8F5EE9-8209-4768-A584-4FA1BF257F1D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {3CDF1383-3EC6-40DA-A301-58B08CC1C0E3} - System32\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000 => C:\Program Files (x86)\Bench\Updater\Updater.exe
Task: {45B9A949-D226-4141-9263-DF1BBBB2715C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000Core => C:\Users\Alex Candoo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {4C85F90E-FEB5-445C-81D1-C6AEE751E184} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {4CED25FD-7ECC-44D4-BF09-141E77FF5EFB} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe
Task: {5A18176D-4AFA-4A30-B62B-2A5AF82EB707} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {6F469EEA-A549-47C1-98C4-154ECAF1D346} - System32\Tasks\ESTsoft RunAsStdUser 44849273Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [2011-12-01] (ESTsoft Corp.)
Task: {782306C0-45B8-4003-8AAA-757BA1CB4EFB} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: {8412AFDA-469D-4C7C-A15B-B358BA32EE99} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {865CD246-A6B5-4D49-A08A-600DF3E4EB2A} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {A208A426-F6E2-438F-8DBA-8C0996A93626} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A7EF275F-278B-4AC3-81BF-8044240B4DAD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-02] (Adobe Systems Incorporated)
Task: {B0DFEBD8-9614-47CE-BFA5-023D53E30B2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B18CC6A8-ECDF-40CB-956B-93A929CEB586} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {CCFDC11D-1CD7-4EF9-93CC-B00521AA14D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000UA => C:\Users\Alex Candoo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {D0143230-2A43-4F8D-A54B-AA7A9EE522A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D270AF5A-684D-41CB-85E1-B1641BEAECCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {D33B7537-93EF-4F03-98C9-32AFABD53B25} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D518480D-473E-4A7D-96EF-1FC0224EE249} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe [2010-07-29] ()
Task: {DD727672-FE8C-4E17-AD10-21BE8253DBA8} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {E8155DAF-BC4B-4A20-8BE4-636572B09829} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-2939418051-910929443-1597150388-1000.job => C:\Program Files (x86)\Bench\Updater\Updater.exe
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000Core.job => C:\Users\Alex Candoo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2939418051-910929443-1597150388-1000UA.job => C:\Users\Alex Candoo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-11-05 09:07 - 2012-11-05 09:07 - 00034304 _____ () C:\Windows\System32\sxk2ml6.dll
2010-07-14 15:11 - 2010-07-14 15:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-07-15 00:14 - 2011-01-26 16:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-08-29 10:31 - 2012-08-01 14:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-30 12:48 - 2011-05-30 12:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-02-27 11:33 - 2013-02-27 11:33 - 10683392 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-02-27 11:32 - 2013-02-27 11:32 - 07741952 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-02-27 11:32 - 2013-02-27 11:32 - 02248192 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-02-27 11:33 - 2013-02-27 11:33 - 01681408 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-11-11 17:03 - 2013-11-11 17:03 - 00117248 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2013-11-11 17:04 - 2013-11-11 17:04 - 00231936 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2013-11-11 17:03 - 2013-11-11 17:03 - 00253440 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2013-11-11 17:05 - 2013-11-11 17:05 - 00344064 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-02-27 11:33 - 2013-02-27 11:33 - 00026624 _____ () C:\Users\Alex Candoo\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-06-10 09:49 - 2011-06-10 09:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-05 17:24 - 2013-12-03 18:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 17:24 - 2013-12-03 18:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 17:24 - 2013-12-03 18:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 17:24 - 2013-12-03 18:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 17:24 - 2013-12-03 18:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 17:24 - 2013-12-03 18:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Canon MX860 ser Network
Description: Canon MX860 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart Plus B209a-m
Description: Photosmart Plus B209a-m
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (12/10/2013 10:01:53 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:35 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:31 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:31 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:24 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:22 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/10/2013 09:58:21 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (12/09/2013 06:56:41 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/09/2013 06:56:36 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/09/2013 06:56:35 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-12-10 10:24:21.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:24:20.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:22:54.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:22:54.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:21:38.543
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:21:38.199
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:20:00.451
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:19:59.858
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:19:39.446
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-10 10:19:39.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\hdxsf3.inf_amd64_neutral_c167f4cc77d32157\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 32%
Total physical RAM: 8102.76 MB
Available physical RAM: 5438.48 MB
Total Pagefile: 16203.7 MB
Available Pagefile: 13466.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:24.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:394.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=279 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=394 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
 
 


#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 10 December 2013 - 02:17 PM

Greetings,

Please run this fix for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0EzztD0E0D0C0E0B0D0DtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1805169744
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0B0CyByBtAyB0EzztD0E0D0C0E0B0D0DtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1805169744
BHO: Deal Slider BHO - {E4607B39-174A-44BA-AB08-8892366ECA13} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat
C:\Users\Alex Candoo\random.dat
C:\Users\Alex Candoo\regdll.bat
C:\Users\Alex Candoo\AppData\Local\Temp\i4j2344490949740699010.exe
C:\Users\Alex Candoo\AppData\Local\Temp\Quarantine.exe
cmd: copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64 
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#12 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 10 December 2013 - 09:29 PM

Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-12-2013 01
Ran by Alex Candoo at 2013-12-10 18:23:52 Run:1
Running from C:\Users\Alex Candoo\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
BHO: Deal Slider BHO - {E4607B39-174A-44BA-AB08-8892366ECA13} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat
C:\Users\Alex Candoo\random.dat
C:\Users\Alex Candoo\regdll.bat
C:\Users\Alex Candoo\AppData\Local\Temp\i4j2344490949740699010.exe
C:\Users\Alex Candoo\AppData\Local\Temp\Quarantine.exe
cmd: copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64
*****************
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4607B39-174A-44BA-AB08-8892366ECA13} => Key deleted successfully.
HKCR\CLSID\{E4607B39-174A-44BA-AB08-8892366ECA13} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Alex Candoo\jagex_cl_runescape_LIVE1.dat => Moved successfully.
C:\Users\Alex Candoo\random.dat => Moved successfully.
C:\Users\Alex Candoo\regdll.bat => Moved successfully.
C:\Users\Alex Candoo\AppData\Local\Temp\i4j2344490949740699010.exe => Moved successfully.
C:\Users\Alex Candoo\AppData\Local\Temp\Quarantine.exe => Moved successfully.
 
=========  copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64 =========
 
Access is denied.
        0 file(s) copied.
 
========= End of CMD: =========
 
 
==== End of Fixlog ====
 
Hey Gary,
The those programs are still giving the windows codecs errors like before no change in that. Thanks for all of your help i hope we can get rid of this error.


#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 10 December 2013 - 09:42 PM

Let's try that file replacement a different way. Please do this.

===================================================

Farbar's Recovery Scan Tool

--------------------

For this step you will need a USB flash drive.
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
cmd: copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64
  • Please download Farbar Recovery Scan Tool and save it to a flash drive. You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Plug the flashdrive into the infected PC and follow the 2 step process below to enter the System Recovery Options using one of the three options listed, then running Farbar's Recover Scan Tool
----------

Entering into the System Recovery Options

Option #1

To enter System Recovery Options in Windows 8:Option #2

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
Option #3

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next
----------

Running Farbar's Recovery Scan Tool in System Recovery
  • Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
  • When the tool opens click Yes to disclaimer.
  • Press Fix button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  • Reboot your computer into Normal Mode and check the performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • FRST log
  • Are you still getting the error

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#14 candooa

candooa
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 11 December 2013 - 01:52 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-12-2013 01
Ran by SYSTEM at 2013-12-10 22:44:27 Run:2
Running from F:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
cmd: copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64
*****************
 
 
=========  copy /y C:\Windows\SysWOW64\windowscodecs\WindowsCodecs.dll C:\Windows\SysWOW64 =========
 
        1 file(s) copied.
 
========= End of CMD: =========
 
 
==== End of Fixlog ====
 
After doing this step the program that was showing the error no longer gives me the error it seems to be working great. Thanks so much Gary.
Do you have any clue what could have caused this or how to avoid this happening again?
 
 
Thanks again!!!!

Edited by candooa, 11 December 2013 - 01:52 AM.


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,374 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 14 December 2013 - 04:56 PM

I am SO sorry for the delay in responding. I never received a notice you responded.

It is hard to know what caused it and I will be giving you general guidelines regarding computer security when we part ways.

Are you having any issues now?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users