Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't extract printer driver


  • This topic is locked This topic is locked
11 replies to this topic

#1 KWR5

KWR5

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 19 December 2014 - 06:22 PM

Running windows 7 64 bit on a Gateway. This computer is new to me. It has had little use and was empty of pictures, documents etc when I recieved it. It did need to update windows, 145 updates! I have emisoft anti malware and malwarebytes and avast. I have also run combofix.

 

I tried a few spyware programs, one found 5 infections (all spyware cookies) but none would remove them without paying. The computer is a little slow, has been from the beginning. I was able to load my epson scanner. I am trying to install a HP deskjet d1660.

Thank you for any help.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17496
Run by User at 18:07:22 on 2014-12-19
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2795.1281 [GMT -5:00]
.
AV: Emsisoft Anti-Malware *Enabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{F27D3E3B-39B6-41E2-A1A8-1F38244209D0} : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4ff0f1bj.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-11-22 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-11-22 267632]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2014-12-18 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2014-12-18 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2014-12-18 23088]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-11-22 436624]
R2 a2AntiMalware;Emsisoft Protection Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2014-12-18 4907232]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-11-22 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-11-22 83280]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-11-22 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-22 50344]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-22 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-22 969016]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-11-27 4799760]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2014-12-18 71472]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2014-9-30 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-12-23 115216]
R3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2014-12-18 57024]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-22 138024]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-12-22 76912]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-22 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-23 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-22 63704]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-9-30 38528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-12-22 246376]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-22 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-11-27 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-23 203776]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-18 354304]
S4 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
S4 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-1-5 310864]
S4 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-12-22 868224]
S4 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
S4 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [2010-11-11 257344]
S4 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-12-22 243232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-19 22:36:13 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1D4C0C0-6187-4E5E-BD4D-E4CC88BB8564}\mpengine.dll
2014-12-19 00:03:55 -------- d-----w- C:\Program Files\Enigma Software Group
2014-12-18 02:30:12 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-18 02:30:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-17 04:28:47 -------- d-sh--w- C:\$RECYCLE.BIN
2014-12-17 01:59:11 -------- d-----w- C:\Program Files (x86)\IrfanView
2014-12-16 22:57:39 -------- d-----w- C:\Users\User\AppData\Local\Cyberlink
2014-12-16 02:52:32 208896 ----a-w- C:\Windows\MBR.exe
2014-12-16 02:52:31 98816 ----a-w- C:\Windows\sed.exe
2014-12-16 02:52:31 256000 ----a-w- C:\Windows\PEV.exe
2014-12-14 03:48:37 -------- d-----w- C:\Program Files\CCleaner
2014-12-11 13:14:46 -------- d-----w- C:\Windows\System32\appraiser
2014-12-11 12:51:47 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-11 12:51:47 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-11 12:51:46 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-11 12:51:45 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-11 12:51:44 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-11 12:51:42 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-11 12:51:40 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-11 12:51:39 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-11 12:51:37 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-11 12:51:29 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 00:49:29 -------- d-----w- C:\Users\User\AppData\Roaming\OpenOffice
2014-12-09 20:37:23 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-12-09 20:37:22 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-09 20:37:21 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-09 20:37:20 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-09 20:37:19 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-09 20:37:14 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-09 20:37:14 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-09 20:37:12 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-09 20:36:30 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-12-09 20:36:28 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-12-09 20:36:17 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-12-09 20:34:36 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-12-09 20:34:02 742400 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-12-09 20:32:53 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2014-12-02 23:16:50 -------- d-----w- C:\Users\User\AppData\Local\Apple Computer
2014-12-02 23:16:23 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-12-02 23:14:45 -------- d-----w- C:\Program Files\iPod
2014-12-02 23:14:39 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-02 23:14:39 -------- d-----w- C:\Program Files\iTunes
2014-12-02 23:14:39 -------- d-----w- C:\Program Files (x86)\iTunes
2014-12-02 23:12:27 -------- d-----w- C:\Users\User\AppData\Local\Apple
2014-12-02 23:10:47 -------- d-----w- C:\Program Files\Bonjour
2014-12-02 23:10:47 -------- d-----w- C:\Program Files (x86)\Bonjour
2014-12-02 03:09:21 -------- d-sh--w- C:\Users\User\AppData\Local\EmieBrowserModeList
2014-12-02 03:09:20 -------- d-sh--w- C:\Users\User\AppData\Local\EmieUserList
2014-12-02 03:09:20 -------- d-sh--w- C:\Users\User\AppData\Local\EmieSiteList
2014-12-01 00:42:16 -------- d-----w- C:\Users\User\AppData\Roaming\HpUpdate
2014-12-01 00:40:03 -------- d-----w- C:\Windows\Hewlett-Packard
2014-12-01 00:30:58 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2014-12-01 00:17:50 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics
2014-11-30 20:53:45 84992 ----a-w- C:\Windows\System32\esxwia8b.dll
2014-11-30 20:53:45 65793 ----a-w- C:\Windows\System32\esfw8b.bin
2014-11-30 20:53:45 4608 ----a-w- C:\Windows\System32\esxwiaml.dll
2014-11-30 20:53:45 207360 ----a-w- C:\Windows\System32\esxuin8b.dll
2014-11-30 20:53:45 204800 ----a-w- C:\Windows\SysWow64\esint8b.dll
2014-11-30 20:53:45 17408 ----a-w- C:\Windows\System32\esxcdev.dll
2014-11-30 20:53:45 128392 ----a-w- C:\Windows\System32\esdevapp.exe
2014-11-30 20:53:33 -------- d-----w- C:\Program Files (x86)\epson
2014-11-28 03:11:30 -------- d-----w- C:\Users\User\AppData\Roaming\TeamViewer
2014-11-28 00:50:53 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-11-27 17:44:44 -------- d-----w- C:\Users\User\AppData\Local\Windows Live
2014-11-27 16:23:32 -------- d-----w- C:\Windows\SysWow64\Wat
2014-11-27 16:23:31 -------- d-----w- C:\Windows\System32\Wat
2014-11-27 13:07:22 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-11-27 13:07:21 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-11-27 01:39:58 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-11-27 01:39:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-11-27 01:39:25 2565632 ----a-w- C:\Windows\System32\esent.dll
2014-11-27 01:39:23 96768 ----a-w- C:\Windows\System32\fsutil.exe
2014-11-27 01:39:21 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2014-11-27 01:39:19 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2014-11-27 01:39:18 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2014-11-27 01:39:17 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2014-11-27 01:39:15 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2014-11-27 01:39:14 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2014-11-27 01:39:12 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2014-11-27 01:33:14 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2014-11-27 01:33:11 67072 ----a-w- C:\Windows\splwow64.exe
2014-11-26 22:49:25 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2014-11-26 22:43:29 -------- d-----w- C:\Users\User\AppData\Roaming\CANON INC
2014-11-26 22:32:04 -------- d-----w- C:\Users\User\AppData\Roaming\Canon_Inc_IC
2014-11-26 22:30:53 -------- d-----w- C:\Program Files (x86)\Common Files\Canon_Inc_IC
2014-11-26 22:28:58 -------- d-----w- C:\ProgramData\Canon_Inc_IC
2014-11-26 22:05:22 -------- d-----w- C:\Users\User\AppData\Roaming\NCH Software
2014-11-26 22:05:03 -------- d-----w- C:\Program Files (x86)\NCH Software
2014-11-26 08:59:49 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-11-26 08:59:49 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-11-26 08:59:44 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-11-26 08:59:41 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-11-26 07:43:39 -------- d-----w- C:\Windows\Migration
2014-11-26 06:40:47 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2014-11-26 06:40:03 645120 ----a-w- C:\Windows\SysWow64\jsIntl.dll
2014-11-26 06:40:03 235008 ----a-w- C:\Windows\System32\elshyph.dll
2014-11-26 06:40:02 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-26 06:40:02 182272 ----a-w- C:\Windows\SysWow64\msls31.dll
2014-11-26 05:58:38 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-26 03:23:34 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-11-25 23:23:00 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-11-25 22:24:39 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2014-11-25 22:24:38 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2014-11-25 22:24:37 102400 ----a-w- C:\Windows\System32\davclnt.dll
2014-11-25 22:24:36 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-11-25 22:24:34 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-11-25 22:24:26 209920 ----a-w- C:\Windows\System32\profsvc.dll
2014-11-25 22:22:13 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-11-25 22:22:12 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-11-25 22:20:50 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-11-25 22:20:46 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-11-25 22:19:29 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2014-11-25 22:19:29 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2014-11-25 22:19:28 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2014-11-25 22:19:28 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2014-11-25 22:19:02 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2014-11-25 22:19:01 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2014-11-25 22:18:23 224256 ----a-w- C:\Windows\System32\wintrust.dll
2014-11-25 22:18:21 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-11-25 22:16:24 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2014-11-25 22:16:20 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2014-11-25 22:16:13 1118720 ----a-w- C:\Windows\System32\sbe.dll
2014-11-25 22:16:11 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2014-11-25 22:16:08 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2014-11-25 22:16:07 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2014-11-25 22:15:22 1572864 ----a-w- C:\Windows\System32\quartz.dll
2014-11-25 22:15:20 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2014-11-25 22:14:42 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2014-11-25 22:14:40 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2014-11-25 22:12:57 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2014-11-25 22:12:56 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2014-11-25 22:12:54 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2014-11-25 22:12:54 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2014-11-25 22:12:50 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2014-11-25 22:11:39 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-11-25 22:11:37 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-11-25 22:11:37 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-11-25 22:11:36 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-11-25 22:11:34 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-11-25 22:11:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2014-11-25 22:11:27 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2014-11-25 22:11:26 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2014-11-25 22:11:20 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-11-25 22:11:19 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-11-25 22:10:58 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2014-11-25 22:10:57 395776 ----a-w- C:\Windows\System32\webio.dll
2014-11-25 22:10:41 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-11-25 22:10:40 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-11-25 22:07:45 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2014-11-25 22:07:44 156312 ----a-w- C:\Windows\System32\mscorier.dll
2014-11-25 22:07:42 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2014-11-25 22:07:38 1943696 ----a-w- C:\Windows\System32\dfshim.dll
2014-11-25 22:07:31 73880 ----a-w- C:\Windows\System32\mscories.dll
2014-11-25 22:07:29 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2014-11-25 13:08:45 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-11-25 13:08:44 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-11-25 13:08:42 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-11-25 13:08:39 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2014-11-25 13:08:38 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-11-25 13:08:36 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2014-11-25 13:07:40 484864 ----a-w- C:\Windows\System32\wer.dll
2014-11-25 13:07:40 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-11-25 13:06:58 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-11-25 13:06:57 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-11-25 13:06:56 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-11-25 13:06:54 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-11-25 13:06:53 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-11-25 13:06:28 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-11-25 13:06:25 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-11-25 13:06:24 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-25 13:06:15 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-11-25 13:06:14 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-25 13:05:04 515584 ----a-w- C:\Windows\System32\timedate.cpl
2014-11-25 13:05:01 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2014-11-25 13:04:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-11-25 13:04:44 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-11-25 13:04:40 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-11-25 13:04:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-11-25 13:04:29 78680 ----a-w- C:\Windows\System32\mcupdate_AuthenticAMD.dll
2014-11-25 13:02:25 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-11-25 13:02:24 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-11-25 13:00:42 197120 ----a-w- C:\Windows\System32\credui.dll
2014-11-25 12:59:58 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2014-11-25 12:58:57 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-25 12:56:06 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2014-11-25 12:56:04 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2014-11-25 12:55:54 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2014-11-25 12:55:22 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-11-25 12:55:17 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2014-11-25 12:55:16 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2014-11-25 12:55:16 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2014-11-25 12:55:09 185344 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2014-11-25 12:55:09 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2014-11-25 12:49:46 478208 ----a-w- C:\Windows\System32\dpnet.dll
2014-11-25 12:49:44 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2014-11-25 12:44:20 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2014-11-25 12:44:20 6656 ----a-w- C:\Windows\System32\apisetschema.dll
2014-11-25 12:41:58 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2014-11-25 12:38:38 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2014-11-25 12:38:38 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2014-11-25 12:38:35 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2014-11-25 12:37:28 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-11-25 12:37:26 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-11-25 12:36:36 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2014-11-25 12:36:33 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2014-11-25 12:35:06 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-11-25 12:35:05 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2014-11-25 12:35:04 144384 ----a-w- C:\Windows\System32\cdd.dll
2014-11-25 12:33:08 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-11-25 12:33:02 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-11-25 12:32:12 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2014-11-25 12:32:12 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2014-11-25 12:32:11 43520 ----a-w- C:\Windows\SysWow64\csrr.rs
2014-11-25 12:32:11 43520 ----a-w- C:\Windows\System32\csrr.rs
2014-11-25 12:32:07 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2014-11-25 12:32:07 46592 ----a-w- C:\Windows\System32\fpb.rs
2014-11-25 12:32:05 40960 ----a-w- C:\Windows\SysWow64\cob-au.rs
2014-11-25 12:32:04 40960 ----a-w- C:\Windows\System32\cob-au.rs
2014-11-25 12:32:03 44544 ----a-w- C:\Windows\SysWow64\pegibbfc.rs
2014-11-25 12:32:02 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2014-11-25 12:32:00 30720 ----a-w- C:\Windows\SysWow64\usk.rs
2014-11-25 12:32:00 30720 ----a-w- C:\Windows\System32\usk.rs
2014-11-25 12:29:51 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2014-11-25 12:29:47 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2014-11-25 03:29:16 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2014-11-25 03:28:57 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2014-11-25 00:25:14 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-11-25 00:25:12 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2014-11-25 00:25:11 859648 ----a-w- C:\Windows\System32\tdh.dll
2014-11-25 00:25:09 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2014-11-25 00:25:08 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-11-25 00:25:05 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2014-11-25 00:04:00 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2014-11-24 23:59:49 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-11-24 23:58:59 19328 ----a-w- C:\Windows\System32\kd1394.dll
2014-11-24 23:58:58 20352 ----a-w- C:\Windows\System32\kdusb.dll
2014-11-24 23:58:56 642944 ----a-w- C:\Windows\System32\winload.efi
2014-11-24 23:58:56 17792 ----a-w- C:\Windows\System32\kdcom.dll
2014-11-24 23:57:22 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-11-24 23:57:21 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-11-24 23:57:11 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-11-24 23:57:08 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-11-24 23:57:08 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-11-24 23:57:07 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-11-24 23:57:06 70144 ----a-w- C:\Windows\System32\appinfo.dll
2014-11-24 23:57:06 112064 ----a-w- C:\Windows\System32\consent.exe
2014-11-24 23:57:05 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-11-24 23:57:04 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-11-24 23:56:27 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-11-24 23:56:25 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-11-24 23:56:21 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-11-24 23:56:21 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-11-24 23:55:43 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-11-24 23:55:43 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-11-24 23:55:42 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-11-24 23:55:42 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-11-24 23:55:41 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-11-24 23:55:40 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-11-24 23:55:40 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-11-24 23:55:39 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-11-24 23:55:12 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2014-11-24 23:54:10 956928 ----a-w- C:\Windows\System32\localspl.dll
2014-11-24 23:54:02 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-11-24 23:54:01 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-11-24 23:53:52 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2014-11-24 23:53:44 331776 ----a-w- C:\Windows\System32\oleacc.dll
2014-11-24 23:53:44 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2014-11-24 23:53:33 723456 ----a-w- C:\Windows\System32\EncDec.dll
2014-11-24 23:53:31 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2014-11-24 23:53:28 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-24 23:53:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-11-24 23:52:28 751104 ----a-w- C:\Windows\System32\win32spl.dll
2014-11-24 23:52:26 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2014-11-24 23:52:22 68608 ----a-w- C:\Windows\System32\taskhost.exe
2014-11-24 23:51:35 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2014-11-24 23:51:35 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2014-11-24 23:50:38 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2014-11-24 23:50:37 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2014-11-24 23:50:35 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2014-11-24 23:50:33 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2014-11-24 23:50:32 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2014-11-24 23:48:22 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-11-24 23:48:22 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-11-24 23:48:07 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-11-24 23:48:05 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-11-24 23:48:05 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-11-24 23:48:04 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-11-24 23:48:02 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-11-24 23:48:01 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-11-24 23:48:01 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-11-24 23:48:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-11-24 23:48:00 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-11-24 23:48:00 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-11-24 23:47:55 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-11-24 23:47:55 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-11-24 23:47:01 77824 ----a-w- C:\Windows\System32\packager.dll
2014-11-24 23:47:00 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-11-24 23:45:10 59392 ----a-w- C:\Windows\System32\browcli.dll
2014-11-24 23:45:10 136704 ----a-w- C:\Windows\System32\browser.dll
2014-11-24 23:45:07 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2014-11-24 23:45:00 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-11-24 23:44:09 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-11-24 23:44:08 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-11-24 23:44:07 215040 ----a-w- C:\Windows\System32\winsrv.dll
2014-11-24 23:44:06 338432 ----a-w- C:\Windows\System32\conhost.exe
2014-11-24 23:44:04 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-11-24 23:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-11-24 23:44:02 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-11-24 23:44:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-11-24 23:44:00 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-11-24 23:44:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-11-24 23:42:58 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-11-24 23:42:49 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2014-11-24 23:42:47 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2014-11-24 23:42:28 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2014-11-24 23:42:25 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2014-11-24 23:42:18 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2014-11-24 23:42:13 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-11-24 23:42:01 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2014-11-24 23:42:01 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2014-11-24 23:40:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-11-24 23:40:42 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-11-24 13:06:13 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-11-24 13:06:12 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-11-24 13:06:05 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-11-24 13:06:04 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-11-24 13:05:52 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-11-24 13:05:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-11-24 13:05:47 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-11-24 12:46:51 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-11-24 12:46:43 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-11-24 12:46:43 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-11-24 12:37:26 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-11-24 12:37:25 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-11-24 12:37:24 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-11-24 12:37:23 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-11-24 12:37:14 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-11-24 12:37:14 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-11-24 12:35:02 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-11-24 12:35:02 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-11-23 23:46:50 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-23 23:45:59 -------- d-----w- C:\Users\User\AppData\Local\CrashDumps
2014-11-23 23:30:11 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-11-23 23:30:09 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-11-23 23:30:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-11-23 23:21:19 -------- d-----w- C:\ProgramData\Emsisoft
2014-11-23 23:07:14 -------- d-----w- C:\Users\User\AppData\Roaming\IrfanView
2014-11-23 23:06:46 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-11-23 23:06:08 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-11-23 23:06:08 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-11-23 23:05:44 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-11-23 23:05:44 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-11-23 23:05:44 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-11-23 23:05:43 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-11-23 13:51:27 -------- d-----w- C:\Users\User\AppData\Local\Disconnect Desktop
2014-11-23 13:49:00 -------- d-----w- C:\ProgramData\Caphyon
2014-11-23 04:52:18 -------- d-----w- C:\Program Files (x86)\Disconnect
2014-11-23 04:49:56 -------- d-----w- C:\Users\User\AppData\Roaming\Disconnect
2014-11-23 04:33:40 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2014-11-23 01:37:55 -------- d-----w- C:\Windows\System32\SPReview
2014-11-23 01:35:37 -------- d-----w- C:\Windows\System32\EventProviders
2014-11-23 01:15:41 -------- d-----w- C:\Users\User\AppData\Local\Hewlett-Packard
2014-11-23 01:14:41 -------- d-----w- C:\Program Files (x86)\Hp
2014-11-23 01:04:21 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-23 00:57:07 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2014-11-23 00:56:28 59392 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2014-11-23 00:56:27 12288 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-23 00:56:25 14967808 ----a-w- C:\Program Files\DVD Maker\OmdBase.dll
2014-11-23 00:56:08 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2014-11-23 00:56:08 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2014-11-23 00:56:07 1743360 ----a-w- C:\Windows\System32\sysmain.dll
2014-11-23 00:54:59 1115136 ----a-w- C:\Windows\SysWow64\RacEngn.dll
2014-11-23 00:53:59 2522624 ----a-w- C:\Windows\SysWow64\dbgeng.dll
2014-11-23 00:52:59 864256 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
2014-11-23 00:50:59 59904 ----a-w- C:\Windows\SysWow64\fdeploy.dll
2014-11-23 00:49:59 71168 ----a-w- C:\Windows\bfsvc.exe
2014-11-23 00:48:59 26624 ----a-w- C:\Windows\System32\drivers\tdi.sys
2014-11-23 00:47:54 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2014-11-23 00:47:54 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2014-11-23 00:47:49 399872 ----a-w- C:\Windows\System32\dpx.dll
2014-11-23 00:47:49 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2014-11-23 00:46:55 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2014-11-23 00:46:55 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2014-11-23 00:43:11 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2014-11-23 00:37:10 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-11-23 00:30:37 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-23 00:30:36 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-23 00:30:36 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-23 00:30:35 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-23 00:30:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-23 00:29:53 -------- d-----w- C:\Users\User\AppData\Local\Programs
2014-11-23 00:27:29 -------- d-----w- C:\Users\User\AppData\Roaming\AVAST Software
2014-11-23 00:26:22 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-11-23 00:26:20 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-11-23 00:26:19 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-11-23 00:26:18 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-11-23 00:26:17 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-11-23 00:26:15 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-11-23 00:26:12 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-11-23 00:25:53 43152 ----a-w- C:\Windows\avastSS.scr
2014-11-23 00:23:25 -------- d-----w- C:\Program Files\AVAST Software
2014-11-23 00:22:12 -------- d-----w- C:\ProgramData\AVAST Software
2014-11-23 00:17:56 -------- d-----w- C:\Users\User\AppData\Local\Google
2014-11-23 00:00:47 -------- d-----w- C:\Users\User\AppData\Local\Diagnostics
.
==================== Find3M  ====================
.
2014-11-26 05:58:38 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-23 02:47:22 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-11-23 02:47:17 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-30 21:54:51 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-09-30 21:54:50 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-09-30 21:54:50 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-09-30 21:53:36 0 ----a-w- C:\Windows\ativpsrm.bin
2014-09-30 21:39:35 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
.
============= FINISH: 18:11:25.66 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 24 December 2014 - 03:34 PM

Hello and Welcome on board ,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 KWR5

KWR5
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 25 December 2014 - 05:00 PM

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2014
Ran by kim at 2014-12-25 16:55:39
Running from C:\Users\kim\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.249.2 - Broadcom Corporation)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.10.0909 - REALTEK Semiconductor Corp.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
24-12-2014 17:54:27 Installed REALTEK PCIE Wireless LAN Driver
24-12-2014 17:58:00 Installed Qualcomm Atheros Fast Reconnect
24-12-2014 18:07:02 Windows Update
24-12-2014 18:23:20 Windows Update
24-12-2014 18:38:45 avast! antivirus system restore point
24-12-2014 19:19:49 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
24-12-2014 19:22:55 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
24-12-2014 19:25:32 Installed OpenOffice 4.1.1
24-12-2014 23:11:09 Installed Windows 7 USB/DVD Download Tool
25-12-2014 13:31:44 Installed HP Support Solutions Framework
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {5ADAF7CB-9FF8-4E61-90D1-54F003D69DC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {92247E0F-ABDE-4FB0-96DB-A206751D38AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {B58D4063-8613-4436-B571-71302F69B3FD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-24] (AVAST Software)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-12-25 08:15 - 2014-12-25 08:15 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122500\algo.dll
2014-12-25 16:39 - 2014-12-25 16:39 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122501\algo.dll
2014-12-24 18:41 - 2014-12-24 18:41 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-24 18:42 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-24 18:42 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-24 18:42 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-24 18:42 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-24 18:42 - 2014-12-05 20:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-302902420-2564238836-351937433-500 - Administrator - Disabled)
Guest (S-1-5-21-302902420-2564238836-351937433-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-302902420-2564238836-351937433-1002 - Limited - Enabled)
kim (S-1-5-21-302902420-2564238836-351937433-1000 - Administrator - Enabled) => C:\Users\kim
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/24/2014 06:32:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 06:21:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (12/24/2014 06:09:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (12/24/2014 06:05:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 07:55:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 10:37:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/25/2014 04:39:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (12/25/2014 08:12:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (12/24/2014 10:41:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (12/24/2014 09:26:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ZAtheros Wlan Agent service.
 
Error: (12/24/2014 06:04:36 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "KIM-PC         :0" could not be registered on the interface with IP address 192.168.1.18.
The computer with the IP address 192.168.1.25 did not allow the name to be claimed by
this computer.
 
Error: (12/24/2014 06:04:36 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "KIM-PC         :20" could not be registered on the interface with IP address 192.168.1.18.
The computer with the IP address 192.168.1.25 did not allow the name to be claimed by
this computer.
 
Error: (12/24/2014 06:04:36 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{42B8A80A-3E48-4F40-B55C-987D3883607A} because another computer on the network has the same name.  The server could not start.
 
Error: (12/23/2014 11:37:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%6704
 
 
Microsoft Office Sessions:
=========================
Error: (12/24/2014 06:32:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 06:21:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (12/24/2014 06:09:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (12/24/2014 06:05:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 07:55:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2014 10:37:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: AMD C-50 Processor
Percentage of memory in use: 77%
Total physical RAM: 2794.9 MB
Available physical RAM: 642.45 MB
Total Pagefile: 5588 MB
Available Pagefile: 2586.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Gateway) (Fixed) (Total:282.99 GB) (Free:210.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4E253182)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by kim (administrator) on KIM-PC on 25-12-2014 16:51:37
Running from C:\Users\kim\Downloads
Loaded Profile: kim (Available profiles: kim)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-12-24] (AVAST Software)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-302902420-2564238836-351937433-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-24]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-24]
CHR Extension: (Google Docs) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-24]
CHR Extension: (Google Drive) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-24]
CHR Extension: (YouTube) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-24]
CHR Extension: (Google Search) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-24]
CHR Extension: (Google Sheets) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-24]
CHR Extension: (Avast Online Security) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-24]
CHR Extension: (Google Wallet) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-24]
CHR Extension: (Gmail) - C:\Users\kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-24] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-24] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-24] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-24] ()
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-25 16:51 - 2014-12-25 16:52 - 00009676 _____ () C:\Users\kim\Downloads\FRST.txt
2014-12-25 16:51 - 2014-12-25 16:51 - 00000000 ____D () C:\FRST
2014-12-25 16:50 - 2014-12-25 16:50 - 02122240 _____ (Farbar) C:\Users\kim\Downloads\FRST64.exe
2014-12-25 13:33 - 2014-12-25 13:33 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-12-25 13:33 - 2014-12-25 13:33 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-25 13:30 - 2014-12-25 13:31 - 05197824 _____ () C:\Users\kim\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi
2014-12-25 08:13 - 2014-12-25 08:13 - 00001897 _____ () C:\Users\kim\Desktop\IrfanView Thumbnails.lnk
2014-12-25 08:13 - 2014-12-25 08:13 - 00001005 _____ () C:\Users\kim\Desktop\IrfanView.lnk
2014-12-25 08:13 - 2014-12-25 08:13 - 00000000 ____D () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-12-25 08:13 - 2014-12-25 08:13 - 00000000 ____D () C:\Users\kim\AppData\Roaming\IrfanView
2014-12-25 08:12 - 2014-12-25 08:13 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-12-24 23:36 - 2014-12-24 23:36 - 01898640 _____ (Irfan Skiljan) C:\Users\kim\Downloads\iview438_setup.exe
2014-12-24 23:12 - 2014-12-24 23:13 - 00000000 ____D () C:\Users\kim\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-12-24 23:12 - 2014-12-24 23:12 - 00002514 _____ () C:\Users\kim\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-12-24 23:12 - 2014-12-24 23:12 - 00000000 ____D () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-12-24 23:10 - 2014-12-24 23:10 - 02721168 _____ (Microsoft Corporation) C:\Users\kim\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2014-12-24 19:31 - 2014-12-24 19:31 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-12-24 19:28 - 2014-12-24 19:29 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-12-24 19:28 - 2014-12-24 19:28 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-12-24 19:26 - 2014-12-24 19:27 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-12-24 19:18 - 2014-12-24 19:18 - 00000000 ____D () C:\Users\kim\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2014-12-24 19:06 - 2014-12-24 19:09 - 140852175 _____ () C:\Users\kim\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2014-12-24 19:03 - 2014-12-24 19:03 - 00001098 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-12-24 19:03 - 2014-12-24 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-12-24 19:02 - 2014-12-25 16:48 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-12-24 18:57 - 2014-12-24 18:58 - 170741736 _____ (Emsisoft Ltd ) C:\Users\kim\Downloads\EmsisoftAntiMalwareSetup.exe
2014-12-24 18:54 - 2014-12-25 13:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-24 18:53 - 2014-12-24 18:53 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-24 18:53 - 2014-12-24 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-24 18:53 - 2014-12-24 18:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-24 18:53 - 2014-12-24 18:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-24 18:53 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-24 18:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-24 18:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-24 18:51 - 2014-12-24 18:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\kim\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-24 18:45 - 2014-12-24 18:45 - 00000000 ____D () C:\Users\kim\AppData\Roaming\AVAST Software
2014-12-24 18:43 - 2014-12-24 18:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-24 18:43 - 2014-12-24 18:43 - 00001971 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-24 18:43 - 2014-12-24 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-24 18:43 - 2014-12-24 18:43 - 00000000 ____D () C:\ProgramData\Google
2014-12-24 18:43 - 2014-12-24 18:43 - 00000000 ____D () C:\Program Files\Google
2014-12-24 18:42 - 2014-12-24 18:42 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-24 18:42 - 2014-12-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-24 18:41 - 2014-12-24 18:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 18:41 - 2014-12-24 18:49 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-24 18:41 - 2014-12-24 18:49 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-24 18:41 - 2014-12-24 18:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 18:41 - 2014-12-24 18:46 - 00000000 ____D () C:\Users\kim\AppData\Local\Google
2014-12-24 18:41 - 2014-12-24 18:43 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-24 18:41 - 2014-12-24 18:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-24 18:41 - 2014-12-24 18:41 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1419464622159
2014-12-24 18:41 - 2014-12-24 18:41 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-24 18:41 - 2014-12-24 18:41 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-24 18:41 - 2014-12-24 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-24 18:41 - 2014-12-24 18:41 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-24 18:39 - 2014-12-24 18:39 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-24 18:38 - 2014-12-24 23:13 - 00063568 _____ () C:\Users\kim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-24 18:38 - 2014-12-24 18:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-24 18:34 - 2014-12-24 18:34 - 00000000 ____D () C:\Users\kim\AppData\Roaming\Macromedia
2014-12-24 18:34 - 2014-12-24 18:34 - 00000000 ____D () C:\Users\kim\AppData\Roaming\Adobe
2014-12-24 18:33 - 2014-12-24 18:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-24 18:33 - 2014-12-24 18:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-24 18:33 - 2014-12-24 18:33 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-24 18:33 - 2014-12-24 18:33 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-24 18:30 - 2014-12-24 18:30 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-12-24 18:23 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-12-24 18:23 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-12-24 18:23 - 2012-02-16 23:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-24 18:23 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-12-24 18:07 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-24 18:07 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-24 18:07 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-24 18:07 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-24 18:07 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-24 18:07 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-24 18:07 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-24 18:07 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-24 18:07 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-24 18:07 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-24 18:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-24 18:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-24 18:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-24 18:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-24 17:59 - 2014-12-24 17:59 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2014-12-24 17:58 - 2011-08-10 07:51 - 00067685 _____ () C:\Windows\system32\athrextx.cat
2014-12-24 17:58 - 2011-08-05 16:33 - 02768384 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-12-24 17:58 - 2011-08-05 16:33 - 02768384 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2014-12-24 17:57 - 2014-12-24 17:57 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 ____D () C:\Users\kim\AppData\Roaming\InstallShield
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 ____D () C:\Program Files\Broadcom
2014-12-24 17:56 - 2014-12-24 17:55 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-12-24 17:55 - 2014-12-24 17:55 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-12-24 17:54 - 2014-12-24 17:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-24 17:54 - 2014-12-24 17:55 - 00000176 _____ () C:\Windows\RtlWlanInstall.log
2014-12-24 17:54 - 2014-12-24 17:55 - 00000000 ____D () C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2014-12-24 17:54 - 2010-12-03 13:31 - 01220712 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192se.sys
2014-12-24 17:54 - 2009-02-05 02:49 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-12-24 17:53 - 2014-12-24 17:53 - 00000000 ____D () C:\Users\kim\Downloads\Wireless LAN_Realtek_2019.1.1203.2010_W7x86W7x64_A
2014-12-24 17:53 - 2014-12-24 17:53 - 00000000 ____D () C:\Users\kim\Downloads\Wireless LAN_Broadcom_5.100.249.2_W7x86W7x64_A
2014-12-24 17:52 - 2014-12-24 17:52 - 00000000 ____D () C:\Users\kim\Downloads\Wireless LAN_Atheros_9.2.0.439_W7x86W7x64_A
2014-12-24 07:44 - 2014-12-24 07:44 - 00001450 _____ () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-24 07:44 - 2014-12-24 07:44 - 00001416 _____ () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-12-24 07:44 - 2014-12-24 07:44 - 00000000 ____D () C:\Users\kim\AppData\Local\VirtualStore
2014-12-24 07:43 - 2014-12-24 07:44 - 00000000 ____D () C:\Users\kim
2014-12-24 07:43 - 2014-12-24 07:43 - 00000020 ___SH () C:\Users\kim\ntuser.ini
2014-12-24 07:43 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-24 07:43 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-23 23:32 - 2014-12-23 23:32 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-12-23 23:32 - 2014-12-23 23:32 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-12-23 23:31 - 2014-12-25 16:49 - 01499974 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 23:31 - 2014-12-23 23:31 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-12-23 23:30 - 2014-12-23 23:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-12-23 23:27 - 2014-12-24 07:43 - 00000000 ____D () C:\Windows\Panther
2014-12-23 23:13 - 2014-12-23 23:13 - 00000000 ____D () C:\Windows.old.000
2014-12-23 22:00 - 2014-12-23 22:00 - 00000000 ____D () C:\Windows.old
2014-12-18 19:08 - 2014-12-18 19:08 - 00000000 _____ () C:\autoexec.bat
2014-12-16 23:28 - 2014-12-16 23:28 - 00024792 _____ () C:\ComboFix.txt
2014-12-15 21:51 - 2014-12-16 23:28 - 00000000 ____D () C:\Qoobox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-25 08:19 - 2009-07-14 00:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-24 19:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-24 18:37 - 2009-07-13 23:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-24 18:37 - 2009-07-13 23:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-24 18:30 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-24 18:30 - 2009-07-13 23:51 - 00022726 _____ () C:\Windows\setupact.log
2014-12-24 18:06 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-12-24 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-12-24 17:54 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\restore
2014-12-24 10:37 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-24 08:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-24 07:43 - 2014-09-30 14:45 - 00000000 ____D () C:\Recovery
2014-12-24 07:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-12-23 23:38 - 2009-07-13 23:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-23 23:32 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-23 23:32 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-23 23:31 - 2009-07-13 23:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-12-23 23:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-12-23 23:27 - 2009-07-14 00:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-12-23 23:27 - 2009-07-14 00:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-23 23:28
 
==================== End Of Log ============================


#4 KWR5

KWR5
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 25 December 2014 - 05:03 PM

I did reinstall windows . 2 days ago. It hasn't made much of a difference, still can't download driver.

I have not put anything additional  the computer except avast, malewarebytes and emisoft anti malware and chrome.

 

Thanks so much for your time!



#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 26 December 2014 - 04:32 AM

still can't download driver.

Could you please describe as good as possible?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 KWR5

KWR5
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 26 December 2014 - 07:45 AM

I download my printer driver but it doesn't open. I go to downloads and try to start it manually and it starts HP solutions framework but never goes past that. It is also quite slow in the OS, especially for a computer that has bear minimum on it.



#7 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 26 December 2014 - 08:00 AM

  • Download Windows Repair (All in One) from this site
  • Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.
  • Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
  • If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer.
p22004342.gif
  • Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:
p22004343.gif
  • Go to Step 4 and under "System Restore" click on Create button:
p22004346.gif
  • Go to Start Repairs tab and click Start button. Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button.
 
p22004347.gif
  • Post Windows Repair log which is located in the following folder:
    • 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
    • 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#8 KWR5

KWR5
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 27 December 2014 - 08:12 AM

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: KIM-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\kim
Current Profile SID: S-1-5-21-302902420-2564238836-351937433-1000
Current Profile Classes: S-1-5-21-302902420-2564238836-351937433-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\kim\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:05:12
 
Process Count: 60
Commit Total: 2.21 GB
Commit Limit: 5.46 GB
Commit Peak: 2.63 GB
Handle Count: 20341
Kernel Total: 300.93 MB
Kernel Paged: 253.43 MB
Kernel Non Paged: 47.50 MB
System Cache: 1.23 GB
Thread Count: 898
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.73 GB
Memory Used: 1.51 GB(55.3793%)
Memory Avail.: 1.22 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.73 GB
Memory Used: 1.27 GB(46.4887%)
Memory Avail.: 1.46 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (12/26/2014 11:23:24 PM)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 34
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (12/26/2014 11:23:37 PM)
   Running Repair Under Current User Account
   Done (12/26/2014 11:24:15 PM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (12/26/2014 11:24:15 PM)
   Running Repair Under System Account
   Done (12/27/2014 12:19:37 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (12/27/2014 12:19:37 AM)
   Running Repair Under System Account
 
Repairs stopped. The current repair, if running, will still go until finished.
 
   Done (12/27/2014 12:19:50 AM)
 
Repairs Stopped By User.
   Done at (12/27/2014 12:19:50 AM)
   Total Repair Time: 00:56:29
 
Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: KIM-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\kim
Current Profile SID: S-1-5-21-302902420-2564238836-351937433-1000
Current Profile Classes: S-1-5-21-302902420-2564238836-351937433-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\kim\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 02:02:17
 
Process Count: 49
Commit Total: 1.72 GB
Commit Limit: 5.46 GB
Commit Peak: 2.63 GB
Handle Count: 17261
Kernel Total: 251.00 MB
Kernel Paged: 206.89 MB
Kernel Non Paged: 44.10 MB
System Cache: 1.34 GB
Thread Count: 764
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.73 GB
Memory Used: 949.32 MB(33.9661%)
Memory Avail.: 1.80 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.73 GB
Memory Used: 743.67 MB(26.608%)
Memory Avail.: 2.00 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (12/27/2014 12:20:28 AM)
 
 
The current repair has failed to start for over 30 sec.
Trying Again....
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 0
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (12/27/2014 12:20:39 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 12:21:14 AM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (12/27/2014 12:21:14 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 1:13:26 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (12/27/2014 1:13:26 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 1:50:15 AM)
 
03 - Reset Service Permissions
   Start (12/27/2014 1:50:15 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 1:51:44 AM)
 
04 - Register System Files
   Start (12/27/2014 1:51:44 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 1:57:29 AM)
 
05 - Repair WMI
   Start (12/27/2014 1:57:29 AM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   Emsisoft Anti-Malware Exported.
   avast! Antivirus Exported.
 
   Exporting AntiSpyware Info...
   Windows Defender Exported.
   Emsisoft Anti-Malware Exported.
   avast! Antivirus Exported.
 
   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.
 
   Running Repair Under Current User Account
   Done (12/27/2014 2:40:22 AM)
 
06 - Repair Windows Firewall
   Start (12/27/2014 2:40:22 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:41:56 AM)
 
07 - Repair Internet Explorer
   Start (12/27/2014 2:41:56 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:47:57 AM)
 
08 - Repair MDAC/MS Jet
   Start (12/27/2014 2:47:57 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:49:40 AM)
 
09 - Repair Hosts File
   Start (12/27/2014 2:49:40 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 2:49:43 AM)
 
10 - Remove Policies Set By Infections
   Start (12/27/2014 2:49:43 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:50:07 AM)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (12/27/2014 2:50:07 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 2:50:11 AM)
 
12 - Repair Icons
   Start (12/27/2014 2:50:11 AM)
   Running Repair Under Current User Account
   Done (12/27/2014 2:50:15 AM)
 
13 - Repair Winsock & DNS Cache
   Start (12/27/2014 2:50:15 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:51:11 AM)
 
15 - Repair Proxy Settings
   Start (12/27/2014 2:51:11 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 2:51:17 AM)
 
17 - Repair Windows Updates
   Start (12/27/2014 2:51:17 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (12/27/2014 2:58:42 AM)
 
18 - Repair CD/DVD Missing/Not Working
   Start (12/27/2014 2:58:42 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (12/27/2014 2:58:42 AM)
 
19 - Repair Volume Shadow Copy Service
   Start (12/27/2014 2:58:42 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:00:41 AM)
 
21 - Repair MSI (Windows Installer)
   Start (12/27/2014 3:00:41 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:01:54 AM)
 
23.01 - Repair bat Association
   Start (12/27/2014 3:01:54 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:01:59 AM)
 
23.02 - Repair cmd Association
   Start (12/27/2014 3:01:59 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:05 AM)
 
23.03 - Repair com Association
   Start (12/27/2014 3:02:05 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:10 AM)
 
23.04 - Repair Directory Association
   Start (12/27/2014 3:02:10 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:16 AM)
 
23.05 - Repair Drive Association
   Start (12/27/2014 3:02:16 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:22 AM)
 
23.06 - Repair exe Association
   Start (12/27/2014 3:02:22 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:27 AM)
 
23.07 - Repair Folder Association
   Start (12/27/2014 3:02:27 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:33 AM)
 
23.08 - Repair inf Association
   Start (12/27/2014 3:02:33 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:38 AM)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (12/27/2014 3:02:38 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:43 AM)
 
23.10 - Repair msc Association
   Start (12/27/2014 3:02:43 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:49 AM)
 
23.11 - Repair reg Association
   Start (12/27/2014 3:02:49 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:54 AM)
 
23.12 - Repair scr Association
   Start (12/27/2014 3:02:54 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:02:59 AM)
 
24 - Repair Windows Safe Mode
   Start (12/27/2014 3:02:59 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:03:04 AM)
 
25 - Repair Print Spooler
   Start (12/27/2014 3:03:04 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:04:16 AM)
 
26 - Restore Important Windows Services
   Start (12/27/2014 3:04:16 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:05:51 AM)
 
27 - Set Windows Services To Default Startup
   Start (12/27/2014 3:05:51 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:07:18 AM)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
31 - Repair Windows 'New' Submenu
   Start (12/27/2014 3:07:18 AM)
   Running Repair Under Current User Account
   Running Repair Under Current User Account
   Done (12/27/2014 3:07:24 AM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (12/27/2014 3:07:24 AM)
   Total Repair Time: 02:46:58
 
 
...YOU MUST RESTART YOUR SYSTEM...
 
 


#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 27 December 2014 - 08:20 AM

Still problems?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 KWR5

KWR5
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 27 December 2014 - 05:48 PM

no change

Kim



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 28 December 2014 - 07:19 AM

Which printer do you have?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:09 PM

Posted 01 January 2015 - 07:33 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users