Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Update error code 80073712


  • This topic is locked This topic is locked
28 replies to this topic

#1 wolfsxs997

wolfsxs997

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 03 June 2014 - 05:17 AM

http://www.bleepingcomputer.com/forums/t/536436/windows-7-update-error-80073712/page-2

 

I have discovered that my Windows Update is refusing to search comes up with red x. I turned off System restore after Anti virus program detected win32 trojan virus. Programs of HP stopped working. Windows updates refuses to search. SFC scanner resource refuses to perform in both normal/safe modes.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16866
Run by Namastang at 3:14:34 on 2014-06-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3003.1485 [GMT -7:00]
.
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Symmetricom\SymmTime\GeTTime.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\system32\locator.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\System32\snmptrap.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [EMET 4.1 Agent] "C:\Program Files (x86)\EMET 4.1\EMET_agent.exe"
mRun: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\Users\NAMAST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOO!~1.LNK - C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SymmTime.lnk - C:\Program Files (x86)\Symmetricom\SymmTime\GeTTime.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C3C4445C-84B8-4D86-889A-D95F8551E0C0} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\vgf6p8dh.default-1395531638386\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-6-1 28600]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-7-8 98208]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-6-1 430160]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-6-1 430160]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-6-1 112080]
R2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-5-14 123984]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-5-22 290520]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-9-8 1225832]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfswin7.sys [2013-6-26 768680]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaywin7.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirwin7.sys [2013-6-26 29352]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvolwin7.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2014-4-18 33872]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-5-31 32512]
S3 Neo_Gingting;VPN Client Device Driver - Gingting;C:\Windows\System32\drivers\Neo_0036.sys [2013-6-15 28768]
S3 Neo_Gogoza888;VPN Client Device Driver - Gogoza888;C:\Windows\System32\drivers\Neo_0040.sys [2013-4-26 28768]
S3 Neo_Saavadravanaava8;VPN Client Device Driver - Saavadravanaava8;C:\Windows\System32\drivers\Neo_0086.sys [2013-6-30 28768]
S3 Neo_Shavabhavadhava9;VPN Client Device Driver - Shavabhavadhava9;C:\Windows\System32\drivers\Neo_0026.sys [2013-6-30 28768]
S3 Neo_Vaavadravamanaa88;VPN Client Device Driver - Vaavadravamanaa88;C:\Windows\System32\drivers\Neo_0006.sys [2013-6-30 28768]
S3 Neo_VPN;VPN Client Device Driver - VPN;C:\Windows\System32\drivers\Neo_0084.sys [2013-5-22 28768]
S3 Neo_Zagyoyo87;VPN Client Device Driver - Zagyoyo87;C:\Windows\System32\drivers\Neo_0047.sys [2013-5-4 28768]
S3 Neo_Zinghingcing;VPN Client Device Driver - Zinghingcing;C:\Windows\System32\drivers\Neo_0120.sys [2013-6-15 28768]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-14 19456]
S3 SEE;SoftEther Ethernet Layer Driver;C:\Windows\System32\drivers\see.sys [2013-6-30 38240]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-12 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-23 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-6-1 1039952]
S4 FBDiskOptimizer;FBDiskOptimizer;C:\Program Files (x86)\FixBee\FBDefragSrv64.exe --> C:\Program Files (x86)\FixBee\FBDefragSrv64.exe [?]
.
=============== Created Last 30 ================
.
2014-06-03 08:51:44    84720    ----a-w-    C:\Windows\System32\drivers\avnetflt.sys
2014-06-03 08:40:54    --------    d-----w-    C:\AdwCleaner
2014-06-03 05:52:12    --------    d-----w-    C:\Windows\System32\catroot2
2014-06-03 02:56:59    --------    d-----w-    C:\ProgramData\Logs
2014-06-03 02:42:23    --------    d-----w-    C:\Program Files (x86)\DLLSuite
2014-06-02 23:20:53    --------    d-----w-    C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-06-02 12:01:32    --------    d-----w-    C:\Users\Namastang\AppData\Local\SoftGrid Client
2014-06-02 12:01:29    --------    d-----w-    C:\Users\Namastang\AppData\Roaming\SoftGrid Client
2014-06-01 13:26:16    --------    d-----w-    C:\Users\Namastang\AppData\Roaming\Avira
2014-06-01 13:23:17    28600    ----a-w-    C:\Windows\System32\drivers\avkmgr.sys
2014-06-01 13:23:16    112080    ----a-w-    C:\Windows\System32\drivers\avgntflt.sys
2014-06-01 13:19:42    --------    d-----w-    C:\Program Files (x86)\Avira
2014-06-01 13:19:40    --------    d-----w-    C:\ProgramData\Avira
2014-06-01 13:19:29    --------    d-----w-    C:\ProgramData\Package Cache
2014-06-01 13:13:04    --------    d-----w-    C:\Windows\System32\wbem\repository
2014-06-01 10:17:40    --------    d-----w-    C:\Windows\CheckSur
2014-05-31 20:09:23    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-31 20:09:23    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-31 09:54:08    32512    ----a-w-    C:\Windows\System32\drivers\hitmanpro37.sys
2014-05-30 12:15:07    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-05-23 01:50:49    113576    ----a-w-    C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2014-05-23 01:50:45    108640    ----a-w-    C:\Windows\System32\AERTAR64.dll
2014-05-23 01:50:44    209096    ----a-w-    C:\Windows\System32\AERTAC64.dll
2014-05-23 01:37:14    --------    d-----w-    C:\Windows\SysWow64\RTCOM
2014-05-23 01:36:09    65024    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2014-05-21 22:09:05    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-21 22:09:05    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-21 21:55:22    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{634D00F5-6611-47CA-9075-806E9D71A7FD}\mpengine.dll
2014-05-21 21:50:54    477184    ----a-w-    C:\Windows\System32\aepdu.dll
2014-05-21 21:50:54    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-05-15 13:14:52    --------    d-----w-    C:\Users\Namastang\AppData\Local\Macromedia
2014-05-15 07:52:28    88280    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-15 07:52:28    63192    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-05-15 07:52:28    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-05-15 07:52:28    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-09 08:06:22    2310992    ----a-w-    C:\Windows\SysWow64\shellfire.dll
.
==================== Find3M  ====================
.
2014-06-02 04:04:25    135736    ----a-w-    C:\Windows\System32\vpncmd.exe
2014-06-01 09:45:41    119512    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-14 18:37:38    3962840    ----a-w-    C:\Windows\System32\drivers\RTKVHD64.sys
2014-05-12 20:11:46    60636160    ----a-w-    C:\Windows\System32\RCoRes64.dat
2014-05-09 11:17:44    628952    ----a-w-    C:\Windows\System32\RtDataProc64.dll
2014-05-09 08:06:28    2590544    ----a-w-    C:\Windows\System32\shellfire.dll
2014-04-30 11:34:18    948952    ----a-w-    C:\Windows\System32\RCoInstII64.dll
2014-04-28 15:48:48    2800344    ----a-w-    C:\Windows\System32\RltkAPO64.dll
2014-04-25 13:51:10    2834648    ----a-w-    C:\Windows\System32\RtPgEx64.dll
2014-04-25 13:23:36    1022168    ----a-w-    C:\Windows\System32\RtkApi64.dll
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-03-31 16:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-13 06:33:30    2238976    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-13 06:32:03    3959808    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-13 06:31:55    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-13 06:31:55    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2014-03-13 05:10:47    1766400    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-03-13 05:09:43    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-13 05:09:39    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-13 05:09:39    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2014-03-13 03:59:47    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-13 03:51:45    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-03-06 16:35:14    1959128    ----a-w-    C:\Windows\System32\RTSnMg64.cpl
.
============= FINISH:  3:15:16.30 ===============
 

 

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:13 AM

Posted 08 June 2014 - 05:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536443 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 08 June 2014 - 11:36 PM

I am unable to find new Windows 7 Updates. Fails to find new updates. I tried the SFC scannow. It doesn't work. i start the Module in services, it fails to remember the setting. I see pending XML that are either current or 3 years old. I don't know what to do next. My next observation was to look at CBS logs and Software distribution file, I haven't found any solution yet in any of this. My computer operating system is pre-installed.

 

Prior to this I have a previous post in the "Am I affected?, What do I do?" thread. I removed a virus that was either malware or a trojan. The effect was it kept my desktop hidden and possibly sending unsolicited messages through spambot.

 

Thanks for the reply. Here's the rescan.

Attached Files


Edited by wolfsxs997, 09 June 2014 - 05:51 AM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 09 June 2014 - 12:28 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#5 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 09 June 2014 - 01:15 PM

# AdwCleaner v3.211 - Report created 03/06/2014 at 01:41:36
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Namastang - INNER-SQUIRE-05
# Running from : C:\Users\Namastang\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\vgf6p8dh.default-1395531638386\prefs.js ]


*************************

AdwCleaner[R0].txt - [962 octets] - [03/06/2014 01:40:56]
AdwCleaner[S0].txt - [888 octets] - [03/06/2014 01:41:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [947 octets] ##########
# AdwCleaner v3.212 - Report created 09/06/2014 at 11:10:34
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Namastang - INNER-SQUIRE-05
# Running from : C:\Users\Namastang\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1933 octets] - [03/06/2014 01:40:56]
AdwCleaner[S0].txt - [1860 octets] - [03/06/2014 01:41:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1920 octets] ##########



#6 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 09 June 2014 - 01:18 PM

# AdwCleaner v3.211 - Report created 03/06/2014 at 01:40:56
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Namastang - INNER-SQUIRE-05
# Running from : C:\Users\Namastang\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\vgf6p8dh.default-1395531638386\prefs.js ]


*************************

AdwCleaner[R0].txt - [824 octets] - [03/06/2014 01:40:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [883 octets] ##########
# AdwCleaner v3.212 - Report created 09/06/2014 at 11:08:29
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Namastang - INNER-SQUIRE-05
# Running from : C:\Users\Namastang\Downloads\adwcleaner_3.212.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1733 octets] - [03/06/2014 01:40:56]
AdwCleaner[S0].txt - [1026 octets] - [03/06/2014 01:41:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1853 octets] ##########



#7 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 09 June 2014 - 01:25 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 02
Ran by Namastang (administrator) on INNER-SQUIRE-05 on 09-06-2014 11:19:50
Running from C:\Users\Namastang\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-12] (Nullsoft, Inc.)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [EMET 4.1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SymmTime.lnk
ShortcutTarget: SymmTime.lnk -> C:\Program Files (x86)\Symmetricom\SymmTime\GeTTime.exe ()
Startup: C:\Users\Namastang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {B1005404-0438-4F66-B3C4-7B7CA633F6C6} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {EDF91269-7839-4316-BC52-5E9B1B18317A} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9B31FC02-F6C9-44D6-8E7F-9C8077C023D0} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll No File
FF Extension: FoxClocks - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2014-06-05]
FF Extension: Ghostery - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\Extensions\firefox@ghostery.com.xpi [2014-06-05]
FF Extension: Status-4-Evar - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\Extensions\status4evar@caligonstudios.com.xpi [2014-06-05]
FF Extension: Adblock Plus - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-05]
FF Extension: WorldIP - C:\Users\Namastang\AppData\Roaming\Mozilla\Firefox\Profiles\ub3jr35x.default\Extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}.xpi [2014-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
S4 FBDiskOptimizer; C:\Program Files (x86)\FixBee\FBDefragSrv64.exe [X]
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-05-31] ()
S3 HMPnoxaT; C:\Windows\SysWow64\Drivers\HMPnoxaT.sys [35712 2013-10-20] () [File not signed]
S3 Neo_Gingting; C:\Windows\System32\DRIVERS\Neo_0036.sys [28768 2013-06-15] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Gogoza888; C:\Windows\System32\DRIVERS\Neo_0040.sys [28768 2013-04-26] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Saavadravanaava8; C:\Windows\System32\DRIVERS\Neo_0086.sys [28768 2013-06-30] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Shavabhavadhava9; C:\Windows\System32\DRIVERS\Neo_0026.sys [28768 2013-06-30] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Vaavadravamanaa88; C:\Windows\System32\DRIVERS\Neo_0006.sys [28768 2013-06-30] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0084.sys [28768 2013-05-22] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Zagyoyo87; C:\Windows\System32\DRIVERS\Neo_0047.sys [28768 2013-05-04] (SoftEther Project at University of Tsukuba, Japan.)
S3 Neo_Zinghingcing; C:\Windows\System32\DRIVERS\Neo_0120.sys [28768 2013-06-15] (SoftEther Project at University of Tsukuba, Japan.)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2013-06-30] (SoftEther Project at University of Tsukuba, Japan.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 11:19 - 2014-06-09 11:21 - 00015125 _____ () C:\Users\Namastang\Downloads\FRST.txt
2014-06-09 11:19 - 2014-06-09 11:19 - 02080768 _____ (Farbar) C:\Users\Namastang\Downloads\FRST64.exe
2014-06-09 11:19 - 2014-06-09 11:19 - 00000000 ____D () C:\FRST
2014-06-09 11:08 - 2014-06-09 11:08 - 01333465 _____ () C:\Users\Namastang\Downloads\adwcleaner_3.212.exe
2014-06-08 21:48 - 2014-06-08 21:57 - 00017508 _____ () C:\Users\Namastang\Desktop\dds.txt
2014-06-08 21:48 - 2014-06-08 21:57 - 00012351 _____ () C:\Users\Namastang\Desktop\attach.txt
2014-06-08 21:41 - 2014-06-08 21:41 - 00000998 _____ () C:\Users\Namastang\Desktop\kiox.txt
2014-06-06 17:09 - 2014-06-06 17:10 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (11)
2014-06-06 01:53 - 2014-06-06 02:07 - 00000000 ____D () C:\Windows\pss
2014-06-06 00:48 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-06 00:48 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-06 00:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-06 00:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-06 00:48 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-06 00:48 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-06 00:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-06 00:48 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-06 00:48 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-06 00:48 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-06 00:48 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-06 00:48 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-06 00:48 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-06 00:48 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-06 00:48 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-06 00:48 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-06 00:48 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-06 00:48 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-06 00:48 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-06 00:48 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-06 00:48 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-06 00:48 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-06 00:48 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-06 00:48 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-06 00:48 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-06 00:48 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-06 00:48 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-06 00:48 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-06 00:48 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-06 00:48 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-06 00:48 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-06 00:48 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-06 00:48 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-06 00:48 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-06 00:48 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-06 00:48 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-06 00:48 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-06 00:48 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-06 00:48 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-06 00:48 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-06 00:48 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-06 00:48 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-06 00:48 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-06 00:48 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-06 00:48 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-06 00:48 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-06 00:48 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-06 00:48 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-06 00:48 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-06 00:48 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-06 00:48 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-06 00:48 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-06 00:48 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-06 00:47 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-06 00:47 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-06 00:47 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-06 00:47 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-06 00:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-06 00:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-06 00:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-06 00:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-06 00:47 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-06 00:47 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-06 00:47 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-06 00:47 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-06 00:47 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-06 00:47 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-06 00:47 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-06 00:47 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-06 00:47 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-06 00:47 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-06 00:47 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-06 00:47 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-06 00:47 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-06 00:47 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-06 00:47 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-06 00:47 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-06 00:47 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-06 00:47 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-06 00:47 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-06 00:47 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-06 00:47 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-06 00:47 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-06 00:47 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-06 00:47 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-06 00:47 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-06 00:47 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-06 00:47 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-06-06 00:47 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-06 00:47 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-06 00:47 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-06 00:47 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-06 00:47 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-06 00:47 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-06 00:47 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-06 00:47 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-06 00:47 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-06 00:47 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-06 00:47 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-06 00:47 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-06 00:47 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-06 00:47 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-06 00:47 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-06 00:47 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-06 00:47 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-06 00:47 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-06 00:47 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-06 00:47 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-06 00:47 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-06 00:47 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-06 00:47 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-06 00:47 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-06 00:47 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-06 00:47 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-06 00:47 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-06 00:47 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-06 00:47 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-06 00:47 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-06 00:47 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-06 00:47 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-06 00:47 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-06 00:43 - 2014-06-06 00:48 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-06 00:43 - 2014-06-06 00:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-05 22:40 - 2014-06-05 22:40 - 00000134 _____ () C:\Users\Namastang\Desktop\Internet Explorer Troubleshooting.url
2014-06-05 22:39 - 2014-06-05 22:40 - 00004904 _____ () C:\Windows\IE11_main.log
2014-06-05 18:28 - 2014-06-05 18:32 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-05 18:05 - 2014-06-05 18:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-05 18:05 - 2014-06-05 18:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Macromedia
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Macromedia
2014-06-05 17:34 - 2014-06-05 17:35 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Mozilla
2014-06-05 17:33 - 2014-06-05 17:33 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-05 17:33 - 2014-06-05 17:33 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-05 17:33 - 2014-06-05 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-05 17:28 - 2014-06-05 17:28 - 00221095 _____ () C:\Users\Namastang\Desktop\bookmarks-2014-06-05.json
2014-06-04 19:10 - 2014-06-04 19:11 - 00001517 _____ () C:\Windows\system32\activity.txt
2014-06-04 18:44 - 2014-06-04 18:44 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Avira
2014-06-04 18:41 - 2014-06-04 18:40 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-06-04 18:35 - 2014-06-04 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-04 18:35 - 2014-06-04 18:35 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-04 18:35 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-04 18:33 - 2014-06-04 18:33 - 00003150 _____ () C:\Windows\System32\Tasks\{5842EBB3-9429-4D4B-BF1B-0B3A3D756ED0}
2014-06-03 01:40 - 2014-06-09 11:10 - 00000000 ____D () C:\AdwCleaner
2014-06-03 01:37 - 2014-06-03 01:37 - 00001069 _____ () C:\Users\Namastang\Documents\xsx.txt
2014-06-02 23:42 - 2014-06-02 23:42 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (10)
2014-06-02 19:42 - 2014-06-02 19:53 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-06-02 19:18 - 2014-06-02 19:19 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (9)
2014-06-02 16:19 - 2014-06-02 16:19 - 01632144 _____ (Microsoft Corporation) C:\Users\Namastang\Desktop\setupconsumerc2rolw.exe
2014-06-02 05:01 - 2014-06-05 22:02 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\SoftGrid Client
2014-06-01 06:23 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-01 06:23 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-01 06:23 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-06-01 06:19 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Avira
2014-06-01 06:19 - 2014-06-04 18:35 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-01 03:17 - 2014-06-01 03:17 - 00000000 ____D () C:\Windows\CheckSur
2014-06-01 02:45 - 2014-06-01 02:45 - 00265750 _____ () C:\Users\Namastang\Desktop\dotnetfx_cleanup_tool.zip
2014-06-01 00:21 - 2014-06-01 00:21 - 00448512 _____ (OldTimer Tools) C:\Users\Namastang\Desktop\TFC.exe
2014-05-31 02:54 - 2014-05-31 02:54 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-31 02:52 - 2014-05-31 02:52 - 00000718 _____ () C:\Windows\system32\.crusader
2014-05-31 02:34 - 2014-05-31 02:34 - 00000850 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-05-31 01:37 - 2014-05-31 01:37 - 00262144 _____ () C:\Windows\system32\config\COMPONENTS.OLD1
2014-05-30 05:07 - 2014-05-30 05:07 - 00000000 ___SD () C:\32788R22FWJFW
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-28 19:13 - 2014-05-31 03:02 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (2)
2014-05-25 15:00 - 2014-06-06 23:38 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\vlc
2014-05-25 15:00 - 2014-05-25 15:00 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-25 15:00 - 2014-05-25 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-22 18:52 - 2014-05-14 11:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-22 18:52 - 2014-05-14 09:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-22 18:52 - 2014-05-12 13:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-22 18:52 - 2014-05-09 04:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-22 18:52 - 2014-04-30 04:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-22 18:52 - 2014-04-28 08:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-05-22 18:52 - 2014-04-25 06:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-22 18:52 - 2014-04-25 06:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-22 18:52 - 2014-03-06 09:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-22 18:52 - 2014-01-28 04:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-22 18:52 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-05-22 18:52 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-05-22 18:52 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-05-22 18:52 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-05-22 18:50 - 2013-10-15 20:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-22 18:50 - 2013-10-11 05:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-22 18:50 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-05-22 18:37 - 2014-05-22 18:53 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-22 16:11 - 2014-05-24 16:47 - 00280384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-22 03:40 - 2014-05-24 16:48 - 00063384 _____ () C:\Users\Namastang\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-21 15:09 - 2014-05-05 22:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-21 15:09 - 2014-05-05 22:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-21 15:09 - 2014-05-05 20:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-21 15:09 - 2014-05-05 20:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-21 15:09 - 2014-05-05 20:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-21 15:09 - 2014-05-05 20:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-21 14:53 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-21 14:53 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-21 14:53 - 2014-04-11 19:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-21 14:53 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-21 14:53 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-21 14:53 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-21 14:53 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-21 14:53 - 2014-04-11 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-21 14:53 - 2014-04-11 19:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-21 14:53 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-21 14:53 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-21 14:53 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-21 14:53 - 2014-03-04 02:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-21 14:53 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-21 14:53 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-21 14:53 - 2014-03-04 02:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-21 14:53 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-21 14:53 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-21 14:53 - 2014-03-04 02:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-21 14:53 - 2014-03-04 02:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-21 14:53 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-21 14:50 - 2014-05-08 23:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-21 14:50 - 2014-05-08 23:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-21 02:31 - 2014-05-23 17:49 - 00000000 ____D () C:\Users\Namastang\Documents\New folder (2)
2014-05-16 17:47 - 2014-06-05 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 00:52 - 2014-05-15 00:52 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-15 00:52 - 2014-05-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 00:52 - 2014-05-15 00:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-15 00:52 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 00:52 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-15 00:52 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 00:18 - 2014-05-12 00:18 - 00034271 _____ () C:\Users\Namastang\Documents\gunday_english-910751.zip
2014-05-10 03:37 - 2014-05-10 03:43 - 00044544 _____ () C:\Users\Namastang\Documents\brdcastformats.xls

==================== One Month Modified Files and Folders =======

2014-06-09 11:21 - 2014-06-09 11:19 - 00015125 _____ () C:\Users\Namastang\Downloads\FRST.txt
2014-06-09 11:21 - 2010-11-26 15:36 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Temp
2014-06-09 11:20 - 2009-07-13 21:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 11:20 - 2009-07-13 21:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 11:19 - 2014-06-09 11:19 - 02080768 _____ (Farbar) C:\Users\Namastang\Downloads\FRST64.exe
2014-06-09 11:19 - 2014-06-09 11:19 - 00000000 ____D () C:\FRST
2014-06-09 11:15 - 2010-07-08 01:30 - 01530845 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 11:13 - 2014-05-03 01:59 - 00000346 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-06-09 11:11 - 2010-11-26 22:30 - 03163702 _____ () C:\Windows\PFRO.log
2014-06-09 11:11 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-09 11:11 - 2009-07-13 21:51 - 00152069 _____ () C:\Windows\setupact.log
2014-06-09 11:10 - 2014-06-03 01:40 - 00000000 ____D () C:\AdwCleaner
2014-06-09 11:08 - 2014-06-09 11:08 - 01333465 _____ () C:\Users\Namastang\Downloads\adwcleaner_3.212.exe
2014-06-08 21:57 - 2014-06-08 21:48 - 00017508 _____ () C:\Users\Namastang\Desktop\dds.txt
2014-06-08 21:57 - 2014-06-08 21:48 - 00012351 _____ () C:\Users\Namastang\Desktop\attach.txt
2014-06-08 21:41 - 2014-06-08 21:41 - 00000998 _____ () C:\Users\Namastang\Desktop\kiox.txt
2014-06-08 13:51 - 2011-06-13 12:53 - 00056044 _____ () C:\Users\Namastang\dsp_stereo_tool.ini
2014-06-07 13:16 - 2013-05-07 02:12 - 00008287 _____ () C:\Users\Namastang\Documents\rdpr.txt
2014-06-07 13:14 - 2014-03-23 15:47 - 00003780 _____ () C:\Users\Namastang\Documents\socsch.txt
2014-06-07 00:59 - 2009-07-13 22:13 - 00815886 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 23:38 - 2014-05-25 15:00 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\vlc
2014-06-06 22:32 - 2014-04-04 21:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-06 17:10 - 2014-06-06 17:09 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (11)
2014-06-06 05:57 - 2013-11-23 16:13 - 00027517 _____ () C:\Users\Namastang\Documents\crrc14.txt
2014-06-06 02:12 - 2013-04-11 10:50 - 00012292 _____ () C:\Users\Namastang\Documents\nbaply13.txt
2014-06-06 02:07 - 2014-06-06 01:53 - 00000000 ____D () C:\Windows\pss
2014-06-06 02:07 - 2010-11-26 15:48 - 00000000 ___RD () C:\Users\Namastang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-06 02:07 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-06 00:57 - 2011-03-25 20:31 - 00806916 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-06 00:48 - 2014-06-06 00:43 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-06 00:48 - 2010-07-10 19:07 - 00073072 _____ () C:\Windows\DirectX.log
2014-06-06 00:46 - 2014-06-06 00:43 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-05 22:40 - 2014-06-05 22:40 - 00000134 _____ () C:\Users\Namastang\Desktop\Internet Explorer Troubleshooting.url
2014-06-05 22:40 - 2014-06-05 22:39 - 00004904 _____ () C:\Windows\IE11_main.log
2014-06-05 22:11 - 2010-07-10 21:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-05 22:09 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-05 22:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-05 22:05 - 2009-07-13 19:34 - 00000387 _____ () C:\Windows\win.ini
2014-06-05 22:02 - 2014-06-02 05:01 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\SoftGrid Client
2014-06-05 18:32 - 2014-06-05 18:28 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-05 18:05 - 2014-06-05 18:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-05 18:05 - 2014-06-05 18:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Macromedia
2014-06-05 18:05 - 2014-06-05 18:05 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Macromedia
2014-06-05 18:05 - 2011-03-22 22:05 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Adobe
2014-06-05 17:35 - 2014-06-05 17:34 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Mozilla
2014-06-05 17:33 - 2014-06-05 17:33 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-05 17:33 - 2014-06-05 17:33 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-05 17:33 - 2014-06-05 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-05 17:33 - 2014-05-16 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-05 17:28 - 2014-06-05 17:28 - 00221095 _____ () C:\Users\Namastang\Desktop\bookmarks-2014-06-05.json
2014-06-05 02:45 - 2014-04-13 20:26 - 00006474 _____ () C:\Users\Namastang\Documents\nathocply.txt
2014-06-05 00:54 - 2012-10-20 18:45 - 00010403 _____ () C:\Users\Namastang\Documents\wrtt.txt
2014-06-04 19:11 - 2014-06-04 19:10 - 00001517 _____ () C:\Windows\system32\activity.txt
2014-06-04 18:44 - 2014-06-04 18:44 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Avira
2014-06-04 18:40 - 2014-06-04 18:41 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-06-04 18:39 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-04 18:35 - 2014-06-04 18:35 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-04 18:35 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-04 18:35 - 2014-06-01 06:19 - 00000000 ____D () C:\ProgramData\Avira
2014-06-04 18:35 - 2014-06-01 06:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-04 18:33 - 2014-06-04 18:33 - 00003150 _____ () C:\Windows\System32\Tasks\{5842EBB3-9429-4D4B-BF1B-0B3A3D756ED0}
2014-06-04 18:08 - 2010-11-26 15:36 - 00000000 ____D () C:\Users\Namastang
2014-06-04 18:07 - 2012-10-27 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-06-04 18:07 - 2011-05-27 19:56 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Winamp
2014-06-04 18:07 - 2010-07-08 01:41 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-06-04 18:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-06-04 18:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-04 17:40 - 2011-04-17 19:21 - 00000000 ____D () C:\Users\Namastang\AppData\Local\CrashDumps
2014-06-04 17:40 - 2009-09-06 18:57 - 00000000 ____D () C:\Windows\Panther
2014-06-03 01:37 - 2014-06-03 01:37 - 00001069 _____ () C:\Users\Namastang\Documents\xsx.txt
2014-06-02 23:42 - 2014-06-02 23:42 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (10)
2014-06-02 19:53 - 2014-06-02 19:42 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-06-02 19:19 - 2014-06-02 19:18 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (9)
2014-06-02 16:22 - 2011-03-25 20:30 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\TP
2014-06-02 16:19 - 2014-06-02 16:19 - 01632144 _____ (Microsoft Corporation) C:\Users\Namastang\Desktop\setupconsumerc2rolw.exe
2014-06-02 05:28 - 2011-07-06 14:19 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Apps\2.0
2014-06-02 05:06 - 2012-08-20 01:53 - 00004556 _____ () C:\Users\Namastang\Documents\nwzrd.txt
2014-06-01 21:04 - 2013-04-26 01:11 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-06-01 20:41 - 2011-08-13 17:44 - 00009554 _____ () C:\Users\Namastang\Documents\deurd.txt
2014-06-01 05:17 - 2012-12-04 17:52 - 00001754 _____ () C:\Users\Namastang\Documents\vddi.txt
2014-06-01 03:17 - 2014-06-01 03:17 - 00000000 ____D () C:\Windows\CheckSur
2014-06-01 02:45 - 2014-06-01 02:45 - 00265750 _____ () C:\Users\Namastang\Desktop\dotnetfx_cleanup_tool.zip
2014-06-01 00:21 - 2014-06-01 00:21 - 00448512 _____ (OldTimer Tools) C:\Users\Namastang\Desktop\TFC.exe
2014-05-31 03:02 - 2014-05-28 19:13 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (2)
2014-05-31 02:54 - 2014-05-31 02:54 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-31 02:52 - 2014-05-31 02:52 - 00000718 _____ () C:\Windows\system32\.crusader
2014-05-31 02:34 - 2014-05-31 02:34 - 00000850 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-05-31 01:52 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-31 01:37 - 2014-05-31 01:37 - 00262144 _____ () C:\Windows\system32\config\COMPONENTS.OLD1
2014-05-30 16:49 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\catroot3
2014-05-30 05:07 - 2014-05-30 05:07 - 00000000 ___SD () C:\32788R22FWJFW
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 04:59 - 2014-05-30 04:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 04:56 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-29 16:54 - 2013-01-23 20:57 - 00007597 _____ () C:\Users\Namastang\AppData\Local\Resmon.ResmonCfg
2014-05-27 03:48 - 2012-01-24 20:27 - 00007146 _____ () C:\Users\Namastang\Documents\uttl.txt
2014-05-27 03:44 - 2014-04-02 01:56 - 00000592 _____ () C:\Users\Namastang\Documents\inzne.txt
2014-05-26 14:54 - 2012-03-20 15:32 - 00002858 _____ () C:\Users\Namastang\Documents\cbcrk.txt
2014-05-25 15:00 - 2014-05-25 15:00 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-25 15:00 - 2014-05-25 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-25 14:24 - 2011-05-28 16:47 - 00001466 _____ () C:\Users\Namastang\Documents\infstv.txt
2014-05-25 14:14 - 2012-08-01 16:24 - 00038329 _____ () C:\Users\Namastang\Documents\hol.txt
2014-05-24 16:48 - 2014-05-22 03:40 - 00063384 _____ () C:\Users\Namastang\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 16:47 - 2014-05-22 16:11 - 00280384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-23 17:49 - 2014-05-21 02:31 - 00000000 ____D () C:\Users\Namastang\Documents\New folder (2)
2014-05-23 03:54 - 2014-04-23 18:46 - 00011481 _____ () C:\Users\Namastang\Documents\ftbl14.txt
2014-05-23 03:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-05-22 18:54 - 2010-07-08 01:28 - 00000000 ____D () C:\Program Files (x86)\Temp
2014-05-22 18:53 - 2014-05-22 18:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-22 18:46 - 2010-07-08 01:28 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-22 18:36 - 2010-07-10 19:03 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 04:17 - 2012-11-24 20:15 - 00004791 _____ () C:\Users\Namastang\Documents\sppghl.txt
2014-05-21 15:15 - 2013-04-30 18:25 - 00000258 __RSH () C:\Users\Namastang\ntuser.pol
2014-05-21 15:15 - 2010-11-26 15:48 - 00000000 ___RD () C:\Users\Namastang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-21 15:11 - 2014-04-27 22:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-21 15:07 - 2013-07-09 22:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-21 15:03 - 2011-03-21 23:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-21 03:36 - 2010-07-10 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-20 20:02 - 2013-10-02 02:04 - 00001693 _____ () C:\Users\Namastang\Documents\pxkpz.txt
2014-05-20 01:15 - 2014-02-02 04:02 - 00000936 _____ () C:\Users\Namastang\Documents\sttcty.txt
2014-05-15 21:21 - 2014-04-20 02:54 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 09:10 - 2012-06-13 15:43 - 00019435 _____ () C:\Users\Namastang\Documents\volt10s.txt
2014-05-15 06:14 - 2014-04-20 02:43 - 00000000 ____D () C:\Users\Namastang\AppData\Roaming\Adobe
2014-05-15 06:09 - 2010-11-26 15:48 - 00000000 ____D () C:\Users\Namastang\AppData\Local\Hewlett-Packard
2014-05-15 00:52 - 2014-05-15 00:52 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-15 00:52 - 2014-05-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 00:52 - 2014-05-15 00:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-14 11:37 - 2014-05-22 18:52 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-14 09:00 - 2014-05-22 18:52 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-13 16:13 - 2010-07-08 01:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-12 14:50 - 2012-12-31 20:11 - 00034816 _____ () C:\Users\Namastang\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-12 13:11 - 2014-05-22 18:52 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-12 00:18 - 2014-05-12 00:18 - 00034271 _____ () C:\Users\Namastang\Documents\gunday_english-910751.zip
2014-05-10 13:50 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-10 03:43 - 2014-05-10 03:37 - 00044544 _____ () C:\Users\Namastang\Documents\brdcastformats.xls
2014-05-10 01:03 - 2013-12-13 06:29 - 00000000 ____D () C:\Users\Namastang\Desktop\New folder (8)

Some content of TEMP:
====================
C:\Users\Namastang\AppData\Local\Temp\avgnt.exe
C:\Users\Namastang\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 20:09

==================== End Of Log ============================



#8 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 09 June 2014 - 01:30 PM

Here's another log.

Attached Files



#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 10 June 2014 - 07:09 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll No File
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
S3 HMPnoxaT; C:\Windows\SysWow64\Drivers\HMPnoxaT.sys [35712 2013-10-20] () [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
C:\Users\Namastang\AppData\Local\Temp\avgnt.exe
C:\Users\Namastang\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know if the problem persists.

#10 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 10 June 2014 - 04:18 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-06-2014
Ran by Namastang at 2014-06-10 14:15:27 Run:1
Running from C:\Users\Namastang\Desktop\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll No File
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
S3 HMPnoxaT; C:\Windows\SysWow64\Drivers\HMPnoxaT.sys [35712 2013-10-20] () [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
C:\Users\Namastang\AppData\Local\Temp\avgnt.exe
C:\Users\Namastang\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

End
*****************

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}' => Key deleted successfully.
'HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}' => Key deleted successfully.
'HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}' => Key deleted successfully.
'HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}' => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
'HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
'HKCR\PROTOCOLS\Handler\linkscanner' => Key deleted successfully.
'HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}' => Key deleted successfully.
'HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner'=> Key not found.
'HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}' => Key deleted successfully.
'HKLM\Software\Wow6432Node\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1' => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fmconverter@gmail.com => value deleted successfully.
C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ => Moved successfully.
HMPnoxaT => Service deleted successfully.
catchme => Service deleted successfully.
cleanhlp => Service deleted successfully.
MREMP50 => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MREMPR5 => Service deleted successfully.
MRENDIS5 => Service deleted successfully.
MRESP50 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.
C:\Users\Namastang\AppData\Local\Temp\avgnt.exe => Moved successfully.
"C:\Users\Namastang\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.

==== End of Fixlog ====



#11 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 10 June 2014 - 05:46 PM

I'm still getting an error when checking Windows update again. Here's the security scan.

 

 

Results of screen317's Security Check version 0.99.84  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 11 June 2014 - 08:07 AM

Do these repairs.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark the following options only.

01 - Reset Registry Permissions
02 - Reset File Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
10 - Remove Policies Set By Infections
13 - Repair Winsock & DNS Cache
14 - Remove Temp Files
15 - Repair Proxy Settings
17 - Repair Windows Updates
21 - Repair MSI (Windows Installer)
26 - Restore Important Windows Services
27 - Set Windows Services to Default Startup
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
  • What issues remains?



#13 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 11 June 2014 - 10:13 AM

During the repair, HP message service stopped working. I clicked on Windows Update, interrupted with the same error code 80073712.



#14 wolfsxs997

wolfsxs997
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 11 June 2014 - 10:19 AM

Error when synchorizing with the time servers.



#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,924 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:13 AM

Posted 11 June 2014 - 01:13 PM



Since the SFC.exe does not complete run the System Update Readiness tool.
Go to http://support.microsoft.com/kb/947821

Look under this section.

Windows 7, Windows Vista, Windows Server 2008 R2 or Windows Server 2008

To resolve this problem, use the System Update Readiness tool. Then, install the Windows update or service pack again.

Make sure you download the tool for you Operating system.

Follow the instructions to download and install the program.

Keep me posted.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users