Hi Naat, thanks for your reply.
I would still like to use Twitter, youTube,Flickr and codecadamy, where I'm already signed in, is that ok?
Here are the logs you asked for:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:8-08-2014
Ran by User (administrator) on USER-PC on 08-08-2014 19:41:39
Running from C:\Users\User\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Solid Documents, LLC) C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Aeria Games & Entertainment) C:\Program Files\Aeria Games\Ignite\aeriaignite.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\HSSCP.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\User\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Harmony Hollow Software) C:\Program Files\Screen Highlighter\shl.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(J. Eric Vaughan) C:\Program Files\Stay On Top\StayOnTop.exe
(Fabio Martin) C:\Program Files\7 Sticky Notes\7StickyNotes.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [4287536 2013-11-14] ()
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-21] (Spotify Ltd)
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [Amazon Cloud Player] => C:\Users\User\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [Screen Highlighter] => C:\Program Files\Screen Highlighter\shl.exe [643072 2013-12-20] (Harmony Hollow Software)
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-12] (Siber Systems)
HKU\S-1-5-21-4165335087-975643669-458432890-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stay On Top.lnk
ShortcutTarget: Stay On Top.lnk -> C:\Windows\Installer\{5C6C0192-BA75-4932-8931-B2FF88346E49}\_16dd6dc4.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7 Sticky Notes.lnk
ShortcutTarget: 7 Sticky Notes.lnk -> C:\Program Files\7 Sticky Notes\7StickyNotes.exe (Fabio Martin)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.roboform.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Handler: linkscanner - No CLSID Value -
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default
FF Homepage: https://my.yahoo.com/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @siber.com/RoboForm -> C:\Program Files\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll (Siber Systems Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @TrianglePlayer - C:\Users\User\AppData\Roaming\TrianglePlayer\NPTrianglePlayer.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Extension: Add to Amazon Wish List Button - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Double-click To Reload Tab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: FireRainbow - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: ProxTube - Unblock YouTube - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-07-27]
FF Extension: My-Translator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2011-12-13]
FF Extension: Remove Cookies for Site - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [2014-08-05]
FF Extension: Lightshot (screenshot tool) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-06-15]
FF Extension: AddThis - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2012-08-29]
FF Extension: Page Zoom Button - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: AmazonOnClick - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-06]
FF Extension: Autofill Forms - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Duplicate This Tab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Firepicker - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: AOL One Click - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: LanguageToolFx - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Personas Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Simple White - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Simple Timer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Sticky Notes - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: Tabbed View Source - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\[email protected] [2014-08-05]
FF Extension: abcTajpu - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{15a7ef52-8a77-426e-9e17-e21af257d7c8}.xpi [2014-08-05]
FF Extension: ProxTube - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-08-05]
FF Extension: Reload Tab On Double-Click - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{aede9b05-c23c-479b-a90e-9146ed62d377}.xpi [2014-08-05]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-08-05]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-05]
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\[email protected] [2014-07-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-25]
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-25]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2014-03-11]
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
Chrome:
=======
CHR StartupUrls: "https://www.google.com/?hl=de"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime Alternative\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll No File
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-04]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-04]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-04]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-04]
CHR Extension: (RoboForm) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-03-14]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\User\AppData\Local\newhb2.crx [2013-09-27]
CHR HKLM\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\User\AppData\Local\WebToSave.crx [2013-09-27]
CHR HKLM\...\Chrome\Extension: [ekekpckhcfhhaagbmdeimlipagihocje] - C:\Users\User\AppData\Local\CRE\ekekpckhcfhhaagbmdeimlipagihocje.crx [2014-01-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]
CHR HKLM\...\Chrome\Extension: [ohlfohjgijhjlpidbbnmcdooegafnnnm] - C:\Program Files\SockshareDownloader\SockshareDownloader10.crx [2014-08-01]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-11]
CHR HKCU\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\User\AppData\Local\newhb2.crx [2013-09-27]
CHR HKCU\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\User\AppData\Local\WebToSave.crx [2013-09-27]
CHR HKCU\...\Chrome\Extension: [ekekpckhcfhhaagbmdeimlipagihocje] - C:\Users\User\AppData\Local\CRE\ekekpckhcfhhaagbmdeimlipagihocje.crx [2014-01-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-07] (ArcSoft Inc.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2000-01-01] (LSI Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S2 SetupARService; C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe [24576 2014-07-26] (Realtek Semiconductor.) [File not signed]
R2 SPDFCreatorReadSpool; C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe [180552 2011-10-03] (Solid Documents, LLC)
S3 ArcService; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-12-04] () [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-01] ()
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3234304 2013-08-25] (Qualcomm Atheros Communications, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-05-17] (AnchorFree Inc.)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-07-20] (ManyCam LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [25088 2012-07-20] (ManyCam LLC)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-11-04] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-08-07] ()
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed]
R2 windrvNT; C:\Windows\system32\windrvNT.sys [35363 2010-07-27] () [File not signed]
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-08 19:41 - 2014-08-08 19:42 - 00030287 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-08 19:41 - 2014-08-08 19:41 - 00000000 ____D () C:\FRST
2014-08-08 19:38 - 2014-08-08 19:38 - 00380416 _____ () C:\Users\User\Desktop\giw4wdoc.exe
2014-08-08 19:37 - 2014-08-08 19:37 - 01084928 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-08-07 23:34 - 2014-08-07 23:34 - 00143312 _____ () C:\Windows\Minidump\080714-21699-01.dmp
2014-08-07 16:07 - 2014-08-07 16:07 - 00029441 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-08-05 21:55 - 2014-08-05 21:55 - 00002286 _____ () C:\Users\User\Desktop\[QUOTE=malignus;[bleep]
2014-08-05 20:26 - 2014-08-05 20:26 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-05 20:25 - 2014-08-05 20:25 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-05 20:25 - 2014-08-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 20:19 - 2014-08-05 20:19 - 29421992 _____ (Oracle Corporation) C:\Users\User\Desktop\jre-7u67-windows-i586.exe
2014-08-05 17:19 - 2014-08-05 17:19 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-05 17:19 - 2014-08-05 17:19 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-05 17:19 - 2014-08-05 17:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-04 02:43 - 2014-08-04 02:44 - 92772269 _____ () C:\Users\User\Desktop\Sittin' On The Dock Of The Bay _ Playing For Change.mp4
2014-08-01 15:11 - 2014-08-01 15:08 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 15:10 - 2014-08-01 15:08 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 15:08 - 2014-08-01 15:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 15:06 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 15:06 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 15:06 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 15:06 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 15:05 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 15:05 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 15:05 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 15:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 15:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-29 10:16 - 2014-07-29 10:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotydl
2014-07-29 10:16 - 2014-07-29 10:16 - 00000949 _____ () C:\Users\User\Desktop\Spotydl.lnk
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files\Spotydl
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ___RD () C:\Program Files\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-07-27 16:12 - 2014-07-27 16:12 - 13542851 _____ () C:\Users\User\Desktop\karaoke Sudirman - dari jauh ku pohon maaf.mp4
2014-07-27 15:54 - 2014-07-27 15:54 - 00000000 ____D () C:\ProgramData\APN
2014-07-23 15:11 - 2014-08-05 17:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-21 15:26 - 2014-07-21 15:26 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flickr Uploadr.lnk
2014-07-21 15:26 - 2014-07-21 15:26 - 00001927 _____ () C:\Users\User\Desktop\Flickr Uploadr.lnk
2014-07-21 15:26 - 2014-07-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Flickr
2014-07-21 15:26 - 2014-07-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Local\Flickr
2014-07-21 15:25 - 2014-07-21 15:26 - 00000000 ____D () C:\Program Files\Flickr Uploadr
2014-07-19 16:21 - 2014-07-19 16:21 - 00000000 ____D () C:\Program Files\Educational Simulations
2014-07-16 09:25 - 2014-07-21 13:41 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 09:25 - 2014-07-16 09:25 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 09:25 - 2014-07-16 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 09:25 - 2014-07-16 09:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-16 09:25 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-16 09:25 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-12 13:42 - 2014-07-12 13:42 - 16656408 _____ (Siber Systems) C:\Users\User\Desktop\RoboForm-Setup-cnetc.exe
2014-07-11 12:48 - 2014-07-11 12:49 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-07-11 12:48 - 2014-07-11 12:48 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-07-11 12:48 - 2014-07-11 12:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-07-11 12:47 - 2014-07-11 12:48 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-07-09 13:20 - 2014-07-09 13:20 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-07-09 13:08 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:08 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:08 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:08 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 13:08 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 13:08 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:08 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 13:08 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 13:08 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:08 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:08 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:08 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 13:08 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 13:08 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 13:08 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 13:08 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 13:08 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:08 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 13:08 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 13:08 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:08 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:08 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:08 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:08 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:08 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 13:08 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:08 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:08 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:08 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:08 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 13:08 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:08 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:07 - 2014-06-30 03:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 13:07 - 2014-06-30 03:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 13:07 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:07 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 13:07 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 13:07 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-08 19:42 - 2014-08-08 19:41 - 00030287 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-08 19:42 - 2013-11-14 02:25 - 00000000 ____D () C:\Users\User\AppData\Local\PMB Files
2014-08-08 19:41 - 2014-08-08 19:41 - 00000000 ____D () C:\FRST
2014-08-08 19:41 - 2009-10-24 20:57 - 01751423 _____ () C:\Windows\WindowsUpdate.log
2014-08-08 19:38 - 2014-08-08 19:38 - 00380416 _____ () C:\Users\User\Desktop\giw4wdoc.exe
2014-08-08 19:37 - 2014-08-08 19:37 - 01084928 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-08-08 19:24 - 2011-02-20 17:17 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-08 19:20 - 2012-07-15 00:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-08 18:35 - 2009-07-14 06:34 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-08 18:35 - 2009-07-14 06:34 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-08 14:41 - 2013-09-14 12:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\FileAdvisor
2014-08-08 14:40 - 2014-03-23 01:31 - 00000000 ___RD () C:\Users\User\Desktop\Security
2014-08-08 13:25 - 2013-03-15 17:15 - 00000000 ____D () C:\Windows\rescache
2014-08-08 12:19 - 2011-02-20 17:17 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-08 09:32 - 2014-07-05 14:58 - 00000000 ____D () C:\Users\User\AppData\Local\gtk-2.0
2014-08-08 09:32 - 2013-12-04 01:12 - 00000000 ____D () C:\Users\User\AppData\Local\Akamai
2014-08-08 09:32 - 2013-11-18 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-08 09:32 - 2013-11-14 02:25 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-08 09:32 - 2011-02-09 18:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\PhotoScape
2014-08-08 09:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-08-08 09:31 - 2013-05-20 20:46 - 00000000 ___RD () C:\Users\User\Dropbox
2014-08-08 09:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-08-08 02:05 - 2013-12-15 20:30 - 05407232 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-08-08 00:34 - 2009-10-24 23:53 - 00384248 _____ () C:\Windows\system32\prfh0804.dat
2014-08-08 00:34 - 2009-10-24 23:53 - 00119918 _____ () C:\Windows\system32\prfc0804.dat
2014-08-08 00:34 - 2009-10-24 21:05 - 02115974 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-07 23:41 - 2013-07-05 21:19 - 00000000 ____D () C:\Program Files\Opera
2014-08-07 23:36 - 2012-02-01 15:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\7 Sticky Notes
2014-08-07 23:35 - 2013-11-10 16:09 - 00000384 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-08-07 23:34 - 2014-08-07 23:34 - 00143312 _____ () C:\Windows\Minidump\080714-21699-01.dmp
2014-08-07 23:34 - 2014-06-10 16:33 - 00006655 _____ () C:\Windows\setupact.log
2014-08-07 23:34 - 2013-11-10 16:09 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-07 23:34 - 2012-01-29 20:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-07 23:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-07 23:33 - 2014-04-01 13:36 - 256625834 _____ () C:\Windows\MEMORY.DMP
2014-08-07 16:08 - 2014-07-05 12:13 - 00000000 ____D () C:\Users\User\.gimp-2.8
2014-08-07 16:07 - 2014-08-07 16:07 - 00029441 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-08-05 21:55 - 2014-08-05 21:55 - 00002286 _____ () C:\Users\User\Desktop\[QUOTE=malignus;[bleep]
2014-08-05 20:26 - 2014-08-05 20:26 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-05 20:25 - 2014-08-05 20:25 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-05 20:25 - 2014-08-05 20:25 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-05 20:25 - 2014-08-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 20:25 - 2014-04-19 12:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-05 20:19 - 2014-08-05 20:19 - 29421992 _____ (Oracle Corporation) C:\Users\User\Desktop\jre-7u67-windows-i586.exe
2014-08-05 20:00 - 2013-05-20 20:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-08-05 19:58 - 2013-09-13 04:13 - 00364094 _____ () C:\Windows\PFRO.log
2014-08-05 19:52 - 2013-09-13 19:48 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-08-05 17:19 - 2014-08-05 17:19 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-05 17:19 - 2014-08-05 17:19 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-05 17:19 - 2014-08-05 17:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-05 17:19 - 2014-07-23 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-05 16:02 - 2014-04-01 13:40 - 00002007 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-05 15:56 - 2014-03-21 14:14 - 00000000 ___RD () C:\Users\User\Desktop\HTML5
2014-08-05 15:56 - 2013-09-23 19:53 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-05 15:56 - 2012-10-22 23:28 - 00000000 ____D () C:\ProgramData\iWin Games
2014-08-05 15:56 - 2009-10-24 23:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-05 15:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-04 02:44 - 2014-08-04 02:43 - 92772269 _____ () C:\Users\User\Desktop\Sittin' On The Dock Of The Bay _ Playing For Change.mp4
2014-08-03 20:30 - 2009-10-24 21:42 - 00000000 ____D () C:\ProgramData\Temp
2014-08-03 02:01 - 2013-01-21 13:13 - 00000000 ____D () C:\Users\User\AppData\Local\Spotify
2014-08-01 15:16 - 2014-05-11 17:24 - 00000020 _____ () C:\sccfg(30).sys
2014-08-01 15:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-08-01 15:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-01 15:11 - 2012-11-25 02:36 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-01 15:08 - 2014-08-01 15:11 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 15:08 - 2014-08-01 15:10 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 15:08 - 2014-08-01 15:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 15:08 - 2013-09-18 13:46 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-01 15:08 - 2013-09-18 13:46 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-01 15:08 - 2012-11-25 02:36 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-01 15:08 - 2012-11-25 02:36 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-01 15:08 - 2012-11-25 02:36 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-01 15:08 - 2012-11-25 02:35 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-29 10:39 - 2014-07-29 10:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotydl
2014-07-29 10:19 - 2013-01-21 13:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotify
2014-07-29 10:16 - 2014-07-29 10:16 - 00000949 _____ () C:\Users\User\Desktop\Spotydl.lnk
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files\Spotydl
2014-07-28 02:59 - 2013-09-05 14:10 - 00000000 ___RD () C:\Users\User\Desktop\friends
2014-07-28 02:59 - 2012-09-03 21:17 - 00000000 ___RD () C:\Users\User\Desktop\family pics
2014-07-28 02:58 - 2012-11-24 14:42 - 00000000 ___RD () C:\Users\User\Desktop\music vids
2014-07-28 02:54 - 2013-12-15 15:24 - 00000000 ___RD () C:\Users\User\Desktop\albums
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ___RD () C:\Program Files\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-27 16:44 - 2014-07-27 16:44 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-07-27 16:44 - 2009-10-24 23:17 - 00000000 ____D () C:\ProgramData\Skype
2014-07-27 16:12 - 2014-07-27 16:12 - 13542851 _____ () C:\Users\User\Desktop\karaoke Sudirman - dari jauh ku pohon maaf.mp4
2014-07-27 15:54 - 2014-07-27 15:54 - 00000000 ____D () C:\ProgramData\APN
2014-07-27 15:51 - 2011-08-18 21:32 - 00000000 ____D () C:\Program Files\Java
2014-07-27 15:18 - 2009-07-14 06:53 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-27 15:18 - 2009-07-14 06:53 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU(32).TXT
2014-07-26 17:46 - 2013-11-10 16:48 - 00000000 ___HD () C:\Program Files\Temp
2014-07-26 17:42 - 2013-11-10 16:49 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-07-26 17:40 - 2009-10-24 21:44 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-25 13:47 - 2013-05-20 20:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 13:44 - 2012-07-16 21:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 03:02 - 2012-07-16 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 10:52 - 2010-10-29 02:05 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-22 00:03 - 2012-09-03 21:19 - 00000000 ___RD () C:\Users\User\Desktop\pics
2014-07-21 15:26 - 2014-07-21 15:26 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flickr Uploadr.lnk
2014-07-21 15:26 - 2014-07-21 15:26 - 00001927 _____ () C:\Users\User\Desktop\Flickr Uploadr.lnk
2014-07-21 15:26 - 2014-07-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Flickr
2014-07-21 15:26 - 2014-07-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Local\Flickr
2014-07-21 15:26 - 2014-07-21 15:25 - 00000000 ____D () C:\Program Files\Flickr Uploadr
2014-07-21 13:41 - 2014-07-16 09:25 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-19 16:21 - 2014-07-19 16:21 - 00000000 ____D () C:\Program Files\Educational Simulations
2014-07-17 13:35 - 2013-07-01 15:04 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 19:52 - 2013-09-13 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2014-07-16 09:25 - 2014-07-16 09:25 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-16 09:25 - 2014-07-16 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-16 09:25 - 2014-07-16 09:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-16 09:25 - 2011-05-04 12:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-07-16 09:25 - 2011-05-04 12:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 09:25 - 2011-05-04 12:15 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-12 13:44 - 2014-03-11 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-07-12 13:42 - 2014-07-12 13:42 - 16656408 _____ (Siber Systems) C:\Users\User\Desktop\RoboForm-Setup-cnetc.exe
2014-07-11 12:49 - 2014-07-11 12:48 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-07-11 12:48 - 2014-07-11 12:48 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-07-11 12:48 - 2014-07-11 12:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-07-11 12:48 - 2014-07-11 12:47 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-07-09 16:51 - 2009-07-14 06:33 - 02522512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 16:49 - 2014-05-06 22:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 16:49 - 2009-07-14 09:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 16:45 - 2009-10-24 21:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 16:41 - 2013-08-22 15:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 16:37 - 2011-11-21 18:38 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 13:20 - 2014-07-09 13:20 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-07-09 13:20 - 2012-07-15 00:55 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 13:20 - 2012-07-15 00:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
Files to move or delete:
====================
C:\Users\User\jagex_cl_runescape_LIVE.dat
C:\Users\User\random.dat
Some content of TEMP:
====================
C:\Users\User\AppData\Local\temp\APNSetup.exe
C:\Users\User\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8fi5_h.dll
C:\Users\User\AppData\Local\temp\HitmanPro.exe
C:\Users\User\AppData\Local\temp\jre-7u65-windows-i586-iftw.exe
C:\Users\User\AppData\Local\temp\npp.6.6.3.Installer.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 13:07
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:8-08-2014
Ran by User at 2014-08-08 19:43:07
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7 Sticky Notes (HKLM\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version: - Fabio Martin)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{0099B484-C24C-4D5F-8167-B0F6DF196E72}) (Version: 12.0.3.133 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advanced Uninstaller PRO - Version 11 (HKLM\...\AU11_is1) (Version: 11 - Innovative Solutions)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AGEIA PhysX v2.6.0 (HKLM\...\{582876EC-A178-44D4-9823-C10D6C62EAFF}) (Version: 2.6.0.4 - AGEIA Technologies, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{121A3F18-E386-B7EF-CEEB-32864884E594}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM\...\{7B937101-FD85-4CA9-9176-ADA6492314AF}) (Version: 3.0.0.117 - ArcSoft)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
AVG 2013 (Version: 13.0.2677 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2740 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2741 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2742 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center InstallProxy (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Eden Eternal (HKLM\...\Eden Eternal) (Version: - )
Elsword version v3.1120.7.1 (HKLM\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v3.1120.7.1 - Kill3rCombo)
Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
File Type Advisor 1.3 (HKLM\...\File Type Advisor_is1) (Version: - filetypeadvisor.com)
Flickr Uploadr 3.1.2 (HKLM\...\Flickr Uploadr) (Version: - )
Free M4a to MP3 Converter 8.2 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube to MP3 Converter Studio 8.2 (HKLM\...\Free YouTube to MP3 Converter Studio_is1) (Version: - ManiacTools.com)
FreeApps (HKLM\...\FreeApp v1) (Version: 1.3.1 - VTools)
GameXN GO (HKCU\...\Game Organizer) (Version: - GameXN AS)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)
Heroes Of Hellas (Version: 3.4.16.3 - Alawar) Hidden
Hotspot Shield 3.42 (HKLM\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
K-Lite Mega Codec Pack 5.7.0 (HKLM\...\KLiteCodecPack_is1) (Version: 5.7.0 - )
Luxor 2 (Version: 3.4.14.106 - MumboJumbo) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 3.0.91 (remove only) (HKLM\...\ManyCam) (Version: 3.0.91 - ManyCam LLC)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
MostFun.com Games - Heroes Of Hellas (remove only) (HKLM\...\MostFun.com Games - Heroes Of Hellas) (Version: 3.4.16.3 - )
MostFun.com Games - Luxor 2 (remove only) (HKLM\...\MostFun.com Games - Luxor 2) (Version: 3.4.14.106 - )
MostFun.com Games - Super Granny 4 (remove only) (HKLM\...\MostFun.com Games - Super Granny 4) (Version: 3.4.16.27 - )
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyPaint 1.0.0 (HKCU\...\MyPaint) (Version: 1.0.0 - Martin Renold & MyPaint Development Team)
Nero 8 Essentials (HKLM\...\{523DF39E-DF7D-488F-8022-783946571033}) (Version: 8.10.135 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
Opera Stable 23.0.1522.60 (HKLM\...\Opera 23.0.1522.60) (Version: 23.0.1522.60 - Opera Software ASA)
Opera Stable 23.0.1522.72 (HKLM\...\Opera 23.0.1522.72) (Version: 23.0.1522.72 - Opera Software ASA)
Pale Moon 24.6.1 (x86 en-US) (HKLM\...\Pale Moon 24.6.1 (x86 en-US)) (Version: 24.6.1 - Moonchild Productions)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Qualcomm Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTime Alternative 2.9.2 (HKLM\...\QuicktimeAlt_is1) (Version: 2.9.2 - )
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - )
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
RoboForm 7-9-8-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Screen Highlighter 1.0 (HKLM\...\Screen Highlighter_is1) (Version: - Harmony Hollow Software)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
Secunia PSI (3.0.0.9015) (HKLM\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SlimDrivers (HKLM\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.8 - IObit)
SolidPDFCreator (HKLM\...\{DFE70CCC-0ACB-45B7-94F4-9DC6F01B7928}) (Version: 7.1.879.0 - SolidDocuments)
SPEEDLINK Strike 2 Gamepad (HKLM\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotydl 0.9.36.0 (HKLM\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Stay On Top (HKLM\...\{5C6C0192-BA75-4932-8931-B2FF88346E49}) (Version: 1.0.0 - J. Eric Vaughan)
StickMen War 2.5 (HKLM\...\StickMen War 2.5) (Version: - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Granny 4 (Version: 3.4.16.27 - Sandlot) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Uninstall TrianglePlayer (HKLM\...\TrianglePlayer_is1) (Version: 2012 - Fuzhou Zhuo Yue Wu Xian Software Development Company Limited)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
ZTE Handset USB Driver 5.2066.1.8B02 (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.8B02 - ZTE Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (GameXN AS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (GameXN AS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{b226c901-b163-53c9-a14c-5b55ebb03907}\InprocServer32 -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (GameXN AS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (GameXN AS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (GameXN AS)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4165335087-975643669-458432890-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-01-31 14:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {001A919F-5486-4F80-B76F-B12381E6F0BF} - System32\Tasks\Opera scheduled Autoupdate 1392134183 => C:\Program Files\Opera\launcher.exe [2014-08-05] (Opera Software)
Task: {02345B74-772A-44F8-A563-F33F7F68A837} - System32\Tasks\{FBC71A6A-8D24-4264-8D8B-660359524319} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {041FCAE9-E352-431F-AD25-C26D4623EB5F} - System32\Tasks\{1F529A44-4E7F-4EEB-9387-B009EA33FE4D} => C:\Program Files\MostFun\SuperGranny3\SuperGranny3.exe
Task: {0DCD5759-D02C-4EB7-BC32-41D7D06D35EA} - System32\Tasks\{C0CCC3A8-5FC2-4086-A869-3E21F7C524E9} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {1CB5B6C4-90E4-45C9-9496-17458C2181AD} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4165335087-975643669-458432890-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {1FFB5CAB-D0C8-4971-A6C6-52243A608C52} - System32\Tasks\{B0A60467-7396-4B3F-9092-61133D6E365D} => C:\Program Files\MostFun\SuperGranny3\SuperGranny3.exe
Task: {29A3B4DA-2552-4B1B-AC98-0DAA160CD171} - System32\Tasks\{E06706D7-83A8-4D3F-A875-DC73898C373C} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {342242AF-68DC-48E8-BAD2-FCF35B2790C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-20] (Google Inc.)
Task: {377645D7-BADA-4E0E-AD5B-C7D00FEE7171} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4165335087-975643669-458432890-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3A6520B3-0426-44D3-B409-796B928DAB32} - System32\Tasks\{EF9E28E4-BEED-4229-8760-020756DA18C3} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {3FF042CC-586D-4653-8E50-3485D59F6B9F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4025D84B-DA4C-44AE-923E-7CC6A0CD655E} - System32\Tasks\{93F49872-654E-438E-9457-172EA0309781} => C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
Task: {45EF2C7E-71D1-4ED0-A13A-1BF2A768DBCB} - System32\Tasks\{DC4EA453-4ECE-4831-96CD-7EE3A2282ADC} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {481EC8F6-E220-4A39-8D0E-9C07C6F2AA32} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {528AC02D-D334-4AB8-BD2B-78F8F839DA58} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-08-19] (File Type Advisor)
Task: {6435EE6F-CDC5-4CD0-A969-A9BB3C9BE48F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4165335087-975643669-458432890-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {67349CB0-9F9D-4F4D-AC84-0B4FBDCE1198} - System32\Tasks\{7B007186-814F-435A-A7CD-69CD63A1639D} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {6B075062-6B5A-4E41-A30C-F0042246B8F0} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {6B0E942B-0495-4EF7-AEDD-9569A16DA9FB} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {74458643-781C-4690-A8D0-792BAAAB7F6F} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-08-19] (filetypeadvisor.com )
Task: {7EB660CE-8E8C-4552-9102-38BF0F931FB6} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {86908A13-EF76-44A2-9128-6CB4E28B1C03} - System32\Tasks\{D8D22849-AEE6-403E-8BF2-E57B7BAECE7E} => C:\Program Files\MostFun\SuperGranny3\SuperGranny3.exe
Task: {8B1D7F29-DEAE-4408-B06A-D4E32ED49061} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4165335087-975643669-458432890-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {8ED4C510-AC55-4E81-BAFE-7E14E3057FC3} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {9426C8C4-F48B-4F4B-BDC8-FA4AFC22FD1D} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-07-12] (Siber Systems)
Task: {9532703A-89D8-44B9-A93F-57991BCF286E} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {A846F772-2615-4772-9EFC-EEAAFF0E705B} - System32\Tasks\{7609A13F-987A-42CF-ACD7-2B486192D64D} => Chrome.exe http://ui.skype.com/...eligiblebrowser
Task: {BB56D7FE-84FE-4430-9291-DE31702A45EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
Task: {C2F37DB4-70B3-4512-A59C-D87535D45802} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4165335087-975643669-458432890-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {D2DC7330-6327-44D8-BC2F-7EB0D2699C25} - System32\Tasks\AWC Startup => C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
Task: {D642B505-8B33-4423-808B-6FC0A013B9DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {D8BF779F-02BC-43F1-AFBC-B2FEF2E06E36} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe
Task: {D9A2CB5D-65DA-4E56-92CC-7EA4A64D5E81} - System32\Tasks\{0547064D-DEF4-4974-9118-363654A9FDA8} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {DCE555C0-C6A0-45C3-BAE9-7B8FAA34A6E5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4165335087-975643669-458432890-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {DE22063C-A5B8-4A63-9AAC-7A4947C1E411} - System32\Tasks\RunAsStdUser Task => C:\Program Files\iWin Games\iWinGames.exe
Task: {E3E4BF41-77EE-46A8-9C03-E3B3AEF480F3} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....GJKJMIBNKJHIKJ"
Task: {EA576C5D-754E-45F2-BFAF-EFC358395475} - System32\Tasks\{97A61C17-B5EE-4468-AEF4-97888E1CCB8F} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {EDC6164A-1E23-4EDB-A508-1AD325B14F84} - System32\Tasks\{4448998A-9201-4534-B754-A54F4161D074} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {F691F962-614B-4E3E-9D4E-A9309806F902} - System32\Tasks\{0CFBB036-AB2E-4437-820E-C84B27A05FC1} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {FAC084F0-4C38-409D-80A1-37C4956E9370} - System32\Tasks\{BFD45D47-291B-4732-B969-BBA93DA76939} => C:\AeriaGames\EdenEternal\aeria_launcher.exe [2012-02-17] (Aeria Games & Entertainment)
Task: {FB21C170-BB29-4EF4-A5EB-0EE01CD13C6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-20] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) =============
2014-08-01 15:08 - 2014-08-01 15:08 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-05 17:15 - 2014-08-05 17:15 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080500\algo.dll
2014-08-08 12:13 - 2014-08-08 12:13 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080800\algo.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2009-10-24 21:17 - 2007-09-21 03:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-21 20:59 - 2011-10-03 20:59 - 00027976 _____ () C:\Windows\System32\solidlocalmon.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files\Hotspot Shield\bin\HssRep.dll
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files\Hotspot Shield\bin\hsswd.exe
2014-08-01 15:08 - 2014-08-01 15:08 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-14 02:25 - 2013-11-14 02:25 - 04287536 _____ () C:\Program Files\Pando Networks\Media Booster\PMB.exe
2014-01-13 01:26 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\User\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2012-02-01 15:03 - 2011-08-16 00:13 - 00802816 _____ () C:\Windows\system32\EditCtlsU.ocx
2014-08-07 23:36 - 2014-08-07 23:36 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8fi5_h.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\system32\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\system32\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\system32\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\User\Downloads\poppy pic.jpg:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk => C:\Windows\pss\OfficeSAS.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => c:\program files\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BCSSync => "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
MSCONFIG\startupreg: DivXMediaServer => c:\program files\divx\divx media server\divxmediaserver.exe
MSCONFIG\startupreg: DivXUpdate => "c:\program files\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: FreeRAM XP => "c:\program files\yourware solutions\freeram xp pro\freeram xp pro.exe" -win
MSCONFIG\startupreg: GameXN GO => "c:\programdata\gamexn\gamexngo.exe" /startup
MSCONFIG\startupreg: iTunesHelper => c:\program files\itunes\ituneshelper.exe
MSCONFIG\startupreg: KiesPreload => c:\program files\samsung\kies\kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => c:\program files\samsung\kies\kiestrayagent.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime alternative\qttask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spotify => "c:\users\user\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => c:\users\user\appdata\roaming\spotify\data\spotifywebhelper.exe
==================== Faulty Device Manager Devices =============
Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/08/2014 01:20:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 01:20:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 01:19:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 01:19:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 01:19:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 01:18:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 00:45:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 00:45:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 00:45:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/08/2014 00:45:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (08/08/2014 01:34:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:34:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:34:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:34:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:34:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:32:49 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:32:49 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:32:49 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:32:49 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (08/08/2014 01:32:49 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Microsoft Office Sessions:
=========================
Error: (08/08/2014 01:20:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\WDM\vncutil64.exe
Error: (08/08/2014 01:20:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\vncutil64.exe
Error: (08/08/2014 01:19:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\RAVCpl64.exe
Error: (08/08/2014 01:19:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\RAVBg64.exe
Error: (08/08/2014 01:19:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\MaxxAudioControl64.exe
Error: (08/08/2014 01:18:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\keyscrambler\x64\KeyScrambler.exe
Error: (08/08/2014 00:45:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\WDM\vncutil64.exe
Error: (08/08/2014 00:45:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\vncutil64.exe
Error: (08/08/2014 00:45:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\RAVCpl64.exe
Error: (08/08/2014 00:45:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Users\User\AppData\Local\temp\7zSE2D4.tmp\Vista64\RAVBg64.exe
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 3578.9 MB
Available physical RAM: 2017.01 MB
Total Pagefile: 7156.09 MB
Available Pagefile: 5597.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:224.73 GB) (Free:125.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:73.36 GB) (Free:55.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 4C3F8CFC)
Partition 1: (Active) - (Size=225 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
==================== End Of Log ============================