Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow Windows\IExplorer and Chrome [Solved]


  • This topic is locked This topic is locked

#1
tal5

tal5

    Member

  • Member
  • PipPip
  • 42 posts

Hello.

It seems that my computer acting very slow since two weeks ago, what I need to do? very slow Google Chrome and IE, and windows browser also acting very heavy. 

Any help will be blessed, I trusting you :)

Thanks in advance!!

 


  • 0

Advertisements


#2
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

Any attention Please??


  • 0

#3
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello and welcome to Geeks to Go! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  ALL staff here at Geeks To Go are volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient. ;)

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one... :cool:
 

  • Please note that you should have Administrator rights to perform any fixes. Also note that multiple identity PC’s (family PC’s) can present a different problem; please tell me if your PC has more than one individual’s setting, but continue with the fix.
  • Before we proceed, you may wish to print these instructions for easy reference during the fix, although please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.  If you get stuck or have questions, please stop and ask so I can help you.
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
  • When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site.

OK, now we can get started...

 

First

 

As an FYI, replying to or "bumping" your own posts only makes it less likely you will receive help, because we look for posts with no replies.  A post with one or more replies appears to have been responded to already... ;)  If you haven't received a response after 3 days, you can try posting in The Waiting Room.

 

This topic gives instructions on how things work here.  :)  I will need you to post some logs by following the below steps:

 

Next

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
  • Make sure the Addition.txt check-box is checked.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the contents of that log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste the contents of  that along with the FRST.txt into your reply.

 

 

 

 

 


  • 0

#4
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

thanks, i will give you my reports later, do not close. 


  • 0

#5
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

hello and thank you again for the reply- here are my first reports- 

 

the FRST :prop:  one- 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-08-2014 01
Ran by Tal (administrator) on TAL-PC on 31-08-2014 03:45:12
Running from C:\Users\Tal\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: עברית (ישראל)‏
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) E:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-30] ()
HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\...\Run: [Google Update] => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-22] (Google Inc.)
HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\...\Run: [DAEMON Tools Lite] => E:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\...\MountPoints2: {0e11ed53-afa4-11e0-8406-001fd0d54707} - H:\AUTORUN.EXE
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ynet.co.il/
SearchScopes: HKCU - DefaultScope {9E9F6E56-2C4C-412A-A8F5-00EF260A2962} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={EF63917F-8F81-4F45-9527-48631223000E}&mid=a852dbc529c4250ab22dee7d01b77686-11f619284a5c84eca1f1e817de7930dd4e9e0c3b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 23:22:57&v=18.1.9.786&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9E9F6E56-2C4C-412A-A8F5-00EF260A2962} URL = http://www.google.co...q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> E:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.1.9.786\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.786\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...r_5.0.127.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://bhome.bezeq....SetupClient.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-04]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll No File
CHR CustomProfile: C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-17]
CHR Extension: (Google Wallet) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; E:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-30] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-30] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-07-16] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [17488 2011-09-30] (Windows ® 2000 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [17488 2011-09-30] (Windows ® 2000 DDK provider)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
U5 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2011-09-30] ()
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 03:45 - 2014-08-31 03:45 - 00015751 _____ () C:\Users\Tal\Downloads\FRST.txt
2014-08-31 03:44 - 2014-08-31 03:45 - 00000000 ____D () C:\FRST
2014-08-31 03:43 - 2014-08-31 03:43 - 01095680 _____ (Farbar) C:\Users\Tal\Downloads\FRST.exe
2014-08-30 23:23 - 2014-08-31 03:23 - 00000000 ____D () C:\Users\Tal\AppData\Local\AVG Secure Search
2014-08-30 23:23 - 2014-08-30 23:23 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-30 23:22 - 2014-08-30 23:22 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-27 01:54 - 2014-08-27 01:54 - 00143216 _____ () C:\Windows\Minidump\082714-28002-01.dmp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 03:45 - 2014-08-31 03:45 - 00015751 _____ () C:\Users\Tal\Downloads\FRST.txt
2014-08-31 03:45 - 2014-08-31 03:44 - 00000000 ____D () C:\FRST
2014-08-31 03:43 - 2014-08-31 03:43 - 01095680 _____ (Farbar) C:\Users\Tal\Downloads\FRST.exe
2014-08-31 03:40 - 2012-09-23 19:36 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA.job
2014-08-31 03:27 - 2012-04-08 23:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-31 03:23 - 2014-08-30 23:23 - 00000000 ____D () C:\Users\Tal\AppData\Local\AVG Secure Search
2014-08-31 03:04 - 2011-10-21 16:18 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 02:13 - 2011-01-01 01:49 - 01567204 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 23:23 - 2014-08-30 23:23 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-30 23:22 - 2014-08-30 23:22 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-30 23:22 - 2012-09-23 19:36 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core.job
2014-08-30 23:22 - 2011-10-21 16:18 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 23:21 - 2011-10-17 19:39 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-29 00:22 - 2014-06-17 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-29 00:22 - 2013-10-03 16:36 - 00000939 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-27 23:32 - 2009-07-14 07:34 - 00014016 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 23:32 - 2009-07-14 07:34 - 00014016 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 23:24 - 2013-07-31 11:12 - 00021376 _____ () C:\Windows\setupact.log
2014-08-27 23:24 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 03:01 - 2013-09-27 02:02 - 00000000 ____D () C:\Users\Tal\Documents\FIFA 14
2014-08-27 01:54 - 2014-08-27 01:54 - 00143216 _____ () C:\Windows\Minidump\082714-28002-01.dmp
2014-08-27 01:54 - 2014-01-27 17:41 - 250060783 _____ () C:\Windows\MEMORY.DMP
2014-08-27 01:54 - 2012-06-06 14:20 - 00000000 ____D () C:\Windows\Minidump
2014-08-27 01:38 - 2011-10-01 06:20 - 00000000 ____D () C:\ProgramData\Origin
2014-08-15 23:43 - 2012-09-23 19:37 - 00002354 _____ () C:\Users\Tal\Desktop\Google Chrome.lnk
2014-08-02 18:44 - 2012-05-02 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
 
Some content of TEMP:
====================
C:\Users\Tal\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Tal\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-27 22:56
 
==================== End Of Log ============================
 
and the "Addition" - 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-08-2014 01
Ran by Tal at 2014-08-31 03:45:42
Running from C:\Users\Tal\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3825F8BD-F784-6FBB-A5CD-857559148007}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AVG 2013 (Version: 13.0.2638 - AVG Technologies) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.9.786 - AVG Technologies)
Battlefield Heroes (HKLM\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
BitComet 1.35 (HKLM\...\BitComet) (Version: 1.35 - CometNetwork)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CSS FULL DZ [Oct 15 2007] v18.1 (HKLM\...\CSS FULL DZ [Oct 15 2007]) (Version: v18.1 - GrCs2Ek~)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Debugging Tools for Windows (HKLM\...\{F567DC55-F59A-4019-BBC3-9D12C5875487}) (Version: 6.5.3.8 - Microsoft Corporation)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
EA.com Matchup (HKLM\...\{2F173C40-563E-11D4-89C5-0010ADDAAC33}) (Version:  - )
EA.com Update (HKLM\...\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}) (Version:  - )
Easy Tune 6 B11.0630.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (Version: 1.00.0000 - GIGABYTE) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPU Temp version 1.0 (HKLM\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Image Resizer for Windows (HKLM\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Image Resizer for Windows (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.14.0.132 - LogMeIn, Inc.)
K-Lite Codec Pack 9.7.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Malwarebytes Anti-Malware גירסה 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 HEB Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Access MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Hebrew) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Russian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5672 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11033_25 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11033_25 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ערכת שפה של Microsoft .NET Framework 4.5 HEB (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50709 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 
==================== Restore Points  =========================
 
20-07-2014 19:55:35 נקודת ביקורת מתוזמנת
30-07-2014 12:39:11 נקודת ביקורת מתוזמנת
30-07-2014 16:05:22 Windows Update
07-08-2014 19:34:10 נקודת ביקורת מתוזמנת
15-08-2014 20:38:39 נקודת ביקורת מתוזמנת
25-08-2014 08:18:28 נקודת ביקורת מתוזמנת
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:04 - 2014-05-12 13:18 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {034512C9-DAB7-4DAD-85FA-261B462887CB} - System32\Tasks\RealCreateProcessScheduledTask592623321S-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\Real\RealPlayer\update\realsched.exe
Task: {066AF6D1-10B3-47B0-9377-8AC2B9324C8B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {12D5E9F1-F36A-4A6E-87BE-AFA2A07BD35E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {130B5DED-1960-4DB5-B2D4-A511F0D98C98} - System32\Tasks\{61255D31-CEDF-40D1-87E0-412897187C17} => E:\Program Files\EA SPORTS\FIFA 2002\fifa2002.exe
Task: {3005F8EC-CF0A-4975-8CA0-35B010CF5BBE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {428F2437-5796-420E-84D9-F5A67DDF9E66} - System32\Tasks\{43EC1AD6-6AD1-4EDA-8775-97BB3CBA0E4F} => E:\keen\keen1\keen1\KEEN1.EXE [1998-10-17] ()
Task: {6887D8C4-FD0E-4F03-93A7-79BE694393B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {BC83CB1D-80DE-4760-BA9C-3207A31833AA} - System32\Tasks\{42323D30-C6FC-47E6-9476-4E1610D7FC7C} => E:\keen\keen1\keen1\KEEN1.EXE [1998-10-17] ()
Task: {D989273E-B6CA-4DAC-B8F5-EFAA2E0A126C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {DF2ACAF7-B6A4-46B7-9219-A65ABBDEECBA} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {E223D02C-23D6-4923-88E5-868992CE70FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core.job => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA.job => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-01-03 19:53 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-08-30 23:22 - 2014-08-30 23:22 - 01654296 _____ () C:\Program Files\AVG Secure Search\TBAPI.dll
2014-08-30 23:22 - 2014-08-30 23:22 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-08-30 23:22 - 2014-08-30 23:22 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-08-30 23:22 - 2014-08-30 23:22 - 02640408 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-08-15 23:43 - 2014-08-07 06:20 - 00718152 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 00126280 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 08537928 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 00353096 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 01732936 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 11 Registration.lnk => C:\Windows\pss\FIFA 11 Registration.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BitComet => "E:\Program Files\BitComet\BitComet.exe" /tray
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EasyTune => "C:\Program Files\GIGABYTE\ET6\ETCall.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Steam => "D:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/30/2014 11:22:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0xac4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/30/2014 11:22:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x1734
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/29/2014 00:29:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x15e4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/29/2014 00:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x13e4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/27/2014 10:19:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x6f0
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/25/2014 10:46:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0xc8c
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/24/2014 01:54:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0xc4c
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/22/2014 08:06:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x1668
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/22/2014 08:04:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x484
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/17/2014 01:35:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x0005ea89
מזהה תהליך שחלות בו תקלות: 0x1054
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
 
System errors:
=============
Error: (08/27/2014 10:12:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/27/2014 01:54:23 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x00000028, 0x00000002, 0x00000001, 0x832681b9)C:\Windows\MEMORY.DMP082714-28002-01
 
Error: (08/27/2014 01:54:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:52:11 on ‎27/‎08/‎2014 was unexpected.
 
Error: (08/27/2014 00:16:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/26/2014 08:53:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות ShellHWDetection.
 
Error: (08/20/2014 06:19:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/17/2014 01:25:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/14/2014 03:12:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות ShellHWDetection.
 
Error: (08/13/2014 01:57:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/12/2014 00:24:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 3326.49 MB
Available physical RAM: 2096.18 MB
Total Pagefile: 6651.26 MB
Available Pagefile: 4747.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1888.54 MB
 
==================== Drives ================================
 
Drive c: (Vol1) (Fixed) (Total:175.78 GB) (Free:132.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Vol2) (Fixed) (Total:195.31 GB) (Free:168.54 GB) NTFS
Drive e: (Vol3) (Fixed) (Total:225.07 GB) (Free:178.35 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4A894A89)
Partition 1: (Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.4 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
 
can you please explain what that reports mean? 

Edited by tal5, 30 August 2014 - 06:58 PM.

  • 0

#6
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

bump again...


  • 0

#7
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hi tal5.  Please allow a couple of days for a response. 

 

I have seen that you posted logs and need some time to properly research your situation and get approval before posting back here.

 

Please be patient.  :whistling:


  • 0

#8
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello tal5, and thanks for your patience.

 

First

 

Please answer the following question for me:

  1. Do you know why there are two Program Files folder locations (C:\Program Files and E:\Program Files) on your system?  Did you install software this way?

Step 2

 

Please uninstall the following programs from your system:

  1. MyFreeCodec
  2. Java 7 Update 45

Step 3

 

Remove DAEMON Tools:

DAEMON Tools can demonstrate rootkit behavior, and interfere with malware cleanup.  Please download the SPTD standalone installer from Duplex Secure:

32-bit: http://www.duplexsec...st-v186-x86.exe

Run it and choose Uninstall.  If you want to resume using it after we're done, you can easily reinstall it, but please keep from using it until we're all done here.

 

Step 4

 

You have BitComet P2P Software installed and running.  While this software may have been intentionally installed on the system, and the program itself may be safe, the files shared with these programs often carry an unknown malware payload.  

Besides installing malware,  the use of these programs can expose sensitive information beloning to you or your employer to the Internet, make your system vulnerable to unwanted attacks by exploiting known security issues, block your Internet access, and can possibly subject you to copyright infringement prosecution.

If you do decice to keep any P2P programs, please uninstall them until after we've finished and your system is declared clean.

You can read more about the risks of using P2P software at these links:

 

 

Step 5

 

You have traces of 5 different AVG versions on your system.  Let's clean that up, and try a different Anti-Virus program to see if that is less resource-intensive on your system. 

 

First, download the Avast! Anti-Virus install program from here, but don't run it just yet.

 

Then, please download and run the following AVG Uninstallers and run them in this order.  If prompted to reboot, please do this and resume the steps afterwards:

  1. AVG Remover(32bit) 2014
  2. AVG Remover(32bit) 2013

 

Step 6

 

Install Avast! Anti-Virus from the installer you downloaded earlier.

 

Finally

 

Please download a new copy of the Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
Download attached fixlist.txt file and save it to your Desktop.

 

Attached File  fixlist.txt   4.22KB   116 downloads

 

(NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt).

 

 

Please post the contents of that log file to your next reply.

 


  • 0

#9
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

First-

The others program files folders are because I created them, not because something else

 

Step 2

 

Please uninstall the following programs from your system:

  1. MyFreeCodec- Done
  2. Java 7 Update 45- At the ending there was an DLL error- what thats mean???

 

 

Step 3

 

Remove DAEMON Tools:

DAEMON Tools can demonstrate rootkit behavior, and interfere with malware cleanup.  Please download the SPTD standalone installer from Duplex Secure:

32-bit: http://www.duplexsec...st-v186-x86.exe

Run it and choose Uninstall.  - This option was disable. I removed it via Control panel.

 

and- the report- 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:31-08-2014 02
Ran by Tal at 2014-09-02 00:07:03 Run:1
Running from C:\Users\Tal\Downloads\FRST
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\...\MountPoints2: {0e11ed53-afa4-11e0-8406-001fd0d54707} - H:\AUTORUN.EXE
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> E:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
C:\Windows\system32\Drivers\nvhda32v.sys
C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-27 23:32 - 2009-07-14 07:34 - 00014016 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 23:32 - 2009-07-14 07:34 - 00014016 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {034512C9-DAB7-4DAD-85FA-261B462887CB} - System32\Tasks\RealCreateProcessScheduledTask592623321S-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\Real\RealPlayer\update\realsched.exe
Task: {066AF6D1-10B3-47B0-9377-8AC2B9324C8B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {12D5E9F1-F36A-4A6E-87BE-AFA2A07BD35E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {130B5DED-1960-4DB5-B2D4-A511F0D98C98} - System32\Tasks\{61255D31-CEDF-40D1-87E0-412897187C17} => E:\Program Files\EA SPORTS\FIFA 2002\fifa2002.exe
Task: {3005F8EC-CF0A-4975-8CA0-35B010CF5BBE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {428F2437-5796-420E-84D9-F5A67DDF9E66} - System32\Tasks\{43EC1AD6-6AD1-4EDA-8775-97BB3CBA0E4F} => E:\keen\keen1\keen1\KEEN1.EXE [1998-10-17] ()
Task: {6887D8C4-FD0E-4F03-93A7-79BE694393B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {BC83CB1D-80DE-4760-BA9C-3207A31833AA} - System32\Tasks\{42323D30-C6FC-47E6-9476-4E1610D7FC7C} => E:\keen\keen1\keen1\KEEN1.EXE [1998-10-17] ()
Task: {D989273E-B6CA-4DAC-B8F5-EFAA2E0A126C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {DF2ACAF7-B6A4-46B7-9219-A65ABBDEECBA} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
EmptyTemp:
*****************
 
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e11ed53-afa4-11e0-8406-001fd0d54707}" => Key deleted successfully.
"HKCR\CLSID\{0e11ed53-afa4-11e0-8406-001fd0d54707}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key not found.
"HKCR\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key not found.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
NVHDA => Service deleted successfully.
nvlddmkm => Service deleted successfully.
"C:\Windows\system32\Drivers\nvhda32v.sys" => File/Directory not found.
"C:\Windows\system32\Drivers\nvlddmkm.sys" => File/Directory not found.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => Key deleted successfully.
"HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{034512C9-DAB7-4DAD-85FA-261B462887CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{034512C9-DAB7-4DAD-85FA-261B462887CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\RealCreateProcessScheduledTask592623321S-1-5-21-3579686740-1948245414-1388583087-1001 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealCreateProcessScheduledTask592623321S-1-5-21-3579686740-1948245414-1388583087-1001" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{066AF6D1-10B3-47B0-9377-8AC2B9324C8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{066AF6D1-10B3-47B0-9377-8AC2B9324C8B}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D5E9F1-F36A-4A6E-87BE-AFA2A07BD35E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D5E9F1-F36A-4A6E-87BE-AFA2A07BD35E}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{130B5DED-1960-4DB5-B2D4-A511F0D98C98}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{130B5DED-1960-4DB5-B2D4-A511F0D98C98}" => Key deleted successfully.
C:\Windows\System32\Tasks\{61255D31-CEDF-40D1-87E0-412897187C17} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61255D31-CEDF-40D1-87E0-412897187C17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3005F8EC-CF0A-4975-8CA0-35B010CF5BBE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3005F8EC-CF0A-4975-8CA0-35B010CF5BBE}" => Key deleted successfully.
C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3579686740-1948245414-1388583087-1001" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{428F2437-5796-420E-84D9-F5A67DDF9E66}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{428F2437-5796-420E-84D9-F5A67DDF9E66}" => Key deleted successfully.
C:\Windows\System32\Tasks\{43EC1AD6-6AD1-4EDA-8775-97BB3CBA0E4F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43EC1AD6-6AD1-4EDA-8775-97BB3CBA0E4F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6887D8C4-FD0E-4F03-93A7-79BE694393B8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6887D8C4-FD0E-4F03-93A7-79BE694393B8}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC83CB1D-80DE-4760-BA9C-3207A31833AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC83CB1D-80DE-4760-BA9C-3207A31833AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{42323D30-C6FC-47E6-9476-4E1610D7FC7C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{42323D30-C6FC-47E6-9476-4E1610D7FC7C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D989273E-B6CA-4DAC-B8F5-EFAA2E0A126C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D989273E-B6CA-4DAC-B8F5-EFAA2E0A126C}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF2ACAF7-B6A4-46B7-9219-A65ABBDEECBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF2ACAF7-B6A4-46B7-9219-A65ABBDEECBA}" => Key deleted successfully.
C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3579686740-1948245414-1388583087-1001 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3579686740-1948245414-1388583087-1001" => Key deleted successfully.
EmptyTemp: => Removed 609.5 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#10
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Thank you.

 

 

Run it and choose Uninstall.  - This option was disable. I removed it via Control panel.

OK

 

What happened to Steps 4 and 5?  Those are important.  Did you have any questions about the instructions I posted?

 

If BitComet or other P2P programs (Step 4) are running, I'm afraid I may not be allowed to continue to help you. 

 

The AVG cleanup step (Step 5) is required because there are components present on your system from different versions.  There are also a LOT of background processes and activity present with AVG, and I've heard that there have been an increasing number of complaints about system slow-downs with AVG lately.  I'd like you to try Avast! FREE Anti-Virus instead to see if that improves your system slowdown issues.


  • 0

Advertisements


#11
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

Step 4

 

BitComet P2P Software - Removed before I upload my log, I dunno why It still working...

Step 5

 

 

  1. AVG Remover(32bit) 2014- I tried to delete it but as you said- many resets...
  2. AVG Remover(32bit) 2013- removed... 

 

I dont know why you still see the process from those programs.. 

Maybe there is another solution?? 


  • 0

#12
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hi tal5,

 

I haven't seen a new log yet to tell me whether or not BitComet and AVG were removed.  Those entries were in the initial log you posted above in Post # 5. I was just asking about those steps since it seemed like you might have missed them. :)

 

A few more questions for you:

  1. So you were successful in uninstalling BitComet and AVG?
  2. Have you installed Avast and updated it?  If you haven't installed it yet, here's a direct download link for Avast Free Anti-Virus. Please try installing it, but only if AVG has been completely uninstalled..
  3. How is the system running now?

  • 0

#13
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

 

Hi tal5,

 

I haven't seen a new log yet to tell me whether or not BitComet and AVG were removed.  Those entries were in the initial log you posted above in Post # 5. I was just asking about those steps since it seemed like you might have missed them. :)

 

A few more questions for you:

  1. So you were successful in uninstalling BitComet and AVG? YES, there is no AVG on Add\Remove programs
  2. Have you installed Avast and updated it? YES

 

 

 

Let me check how my computer works now, I'll give you my report later. 

Thank you very much until now!!!   :spoton:


Edited by tal5, 02 September 2014 - 02:27 PM.

  • 0

#14
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Thank you for the feedback.  I'd like to get a new set of logs please:
 
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
  • Make sure the Addition.txt check-box is checked.
  • Press Scan button.
  • It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please copy and paste the contents of both of those logs back here.

  • 0

#15
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

FRST log- 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Tal (administrator) on TAL-PC on 03-09-2014 16:12:15
Running from C:\Users\Tal\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: עברית (ישראל)‏
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tal\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Tal\Downloads\FRST (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Secure Search\vprot.exe"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-01] (AVAST Software)
HKU\S-1-5-21-3579686740-1948245414-1388583087-1001\...\Run: [Google Update] => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-22] (Google Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ynet.co.il/
SearchScopes: HKCU - DefaultScope {9E9F6E56-2C4C-412A-A8F5-00EF260A2962} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={EF63917F-8F81-4F45-9527-48631223000E}&mid=a852dbc529c4250ab22dee7d01b77686-11f619284a5c84eca1f1e817de7930dd4e9e0c3b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 23:22:57&v=18.1.9.799&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9E9F6E56-2C4C-412A-A8F5-00EF260A2962} URL = http://www.google.co...q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...r_5.0.127.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://bhome.bezeq....SetupClient.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-01]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll No File
CHR CustomProfile: C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-17]
CHR Extension: (Google Wallet) - C:\Users\Tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-01]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-01] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-30] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-01] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-30] (AVG Technologies)
S3 etdrv; C:\Windows\etdrv.sys [17488 2011-09-30] (Windows ® 2000 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [17488 2011-09-30] (Windows ® 2000 DDK provider)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
U5 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2011-09-30] ()
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-03 16:09 - 2014-09-03 16:09 - 01096704 _____ (Farbar) C:\Users\Tal\Downloads\FRST (1).exe
2014-09-02 16:40 - 2014-09-02 16:40 - 00000017 _____ () C:\Users\Tal\AppData\Local\resmon.resmoncfg
2014-09-02 00:10 - 2014-09-02 16:55 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-02 00:10 - 2014-09-02 16:55 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-02 00:10 - 2014-09-02 00:10 - 00000552 _____ () C:\Windows\system32\spsys.log
2014-09-01 23:57 - 2014-09-02 00:07 - 00000000 ____D () C:\Users\Tal\Downloads\FRST
2014-09-01 23:47 - 2014-09-01 23:47 - 00002127 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-01 23:47 - 2014-09-01 23:47 - 00000000 ____D () C:\Users\Tal\AppData\Roaming\AVAST Software
2014-09-01 23:47 - 2014-09-01 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-01 23:46 - 2014-09-01 23:46 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-01 23:46 - 2014-09-01 23:46 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-01 23:46 - 2014-09-01 23:46 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-01 23:45 - 2014-09-01 23:45 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-01 23:44 - 2014-09-01 23:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-01 23:43 - 2014-09-01 23:43 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341 (1).exe
2014-09-01 23:39 - 2014-09-01 23:43 - 00758534 _____ () C:\Users\Tal\Downloads\avgremover.log
2014-09-01 23:39 - 2014-09-01 23:39 - 04862664 _____ (AVAST Software) C:\Users\Tal\Downloads\avast_free_antivirus_setup_online.exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341.exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2014_4116.exe
2014-09-01 23:18 - 2014-09-01 23:18 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\Tal\Downloads\SPTDinst-v186-x86.exe
2014-08-31 03:45 - 2014-09-03 16:12 - 00014107 _____ () C:\Users\Tal\Downloads\FRST.txt
2014-08-31 03:45 - 2014-08-31 03:46 - 00038813 _____ () C:\Users\Tal\Downloads\Addition.txt
2014-08-31 03:44 - 2014-09-03 16:12 - 00000000 ____D () C:\FRST
2014-08-31 03:43 - 2014-08-31 03:43 - 01095680 _____ (Farbar) C:\Users\Tal\Downloads\FRST.exe
2014-08-30 23:23 - 2014-08-31 03:23 - 00000000 ____D () C:\Users\Tal\AppData\Local\AVG Secure Search
2014-08-30 23:22 - 2014-09-01 23:40 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-27 01:54 - 2014-08-27 01:54 - 00143216 _____ () C:\Windows\Minidump\082714-28002-01.dmp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-03 16:12 - 2014-08-31 03:45 - 00014107 _____ () C:\Users\Tal\Downloads\FRST.txt
2014-09-03 16:12 - 2014-08-31 03:44 - 00000000 ____D () C:\FRST
2014-09-03 16:09 - 2014-09-03 16:09 - 01096704 _____ (Farbar) C:\Users\Tal\Downloads\FRST (1).exe
2014-09-03 16:08 - 2012-04-08 23:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 16:08 - 2011-01-01 01:49 - 01599575 _____ () C:\Windows\WindowsUpdate.log
2014-09-02 16:55 - 2014-09-02 00:10 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-02 16:55 - 2014-09-02 00:10 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-02 16:40 - 2014-09-02 16:40 - 00000017 _____ () C:\Users\Tal\AppData\Local\resmon.resmoncfg
2014-09-02 00:40 - 2013-07-31 11:12 - 00021824 _____ () C:\Windows\setupact.log
2014-09-02 00:40 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-02 00:10 - 2014-09-02 00:10 - 00000552 _____ () C:\Windows\system32\spsys.log
2014-09-02 00:08 - 2013-07-31 11:12 - 00122854 _____ () C:\Windows\PFRO.log
2014-09-02 00:07 - 2014-09-01 23:57 - 00000000 ____D () C:\Users\Tal\Downloads\FRST
2014-09-02 00:04 - 2011-10-21 16:18 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-01 23:47 - 2014-09-01 23:47 - 00002127 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-01 23:47 - 2014-09-01 23:47 - 00000000 ____D () C:\Users\Tal\AppData\Roaming\AVAST Software
2014-09-01 23:47 - 2014-09-01 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-01 23:46 - 2014-09-01 23:46 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-01 23:46 - 2014-09-01 23:46 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-01 23:46 - 2014-09-01 23:46 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-01 23:46 - 2014-09-01 23:46 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-01 23:45 - 2014-09-01 23:45 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-01 23:45 - 2014-09-01 23:44 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-01 23:43 - 2014-09-01 23:43 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341 (1).exe
2014-09-01 23:43 - 2014-09-01 23:39 - 00758534 _____ () C:\Users\Tal\Downloads\avgremover.log
2014-09-01 23:42 - 2011-10-21 16:18 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 23:40 - 2014-08-30 23:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-09-01 23:40 - 2012-09-23 19:36 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA.job
2014-09-01 23:39 - 2014-09-01 23:39 - 04862664 _____ (AVAST Software) C:\Users\Tal\Downloads\avast_free_antivirus_setup_online.exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341.exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2014_4116.exe
2014-09-01 23:18 - 2014-09-01 23:18 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\Tal\Downloads\SPTDinst-v186-x86.exe
2014-09-01 13:51 - 2011-10-01 06:20 - 00000000 ____D () C:\ProgramData\Origin
2014-09-01 05:17 - 2013-09-27 02:02 - 00000000 ____D () C:\Users\Tal\Documents\FIFA 14
2014-08-31 16:40 - 2012-09-23 19:36 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core.job
2014-08-31 03:46 - 2014-08-31 03:45 - 00038813 _____ () C:\Users\Tal\Downloads\Addition.txt
2014-08-31 03:43 - 2014-08-31 03:43 - 01095680 _____ (Farbar) C:\Users\Tal\Downloads\FRST.exe
2014-08-31 03:23 - 2014-08-30 23:23 - 00000000 ____D () C:\Users\Tal\AppData\Local\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-27 01:54 - 2014-08-27 01:54 - 00143216 _____ () C:\Windows\Minidump\082714-28002-01.dmp
2014-08-27 01:54 - 2014-01-27 17:41 - 250060783 _____ () C:\Windows\MEMORY.DMP
2014-08-27 01:54 - 2012-06-06 14:20 - 00000000 ____D () C:\Windows\Minidump
2014-08-25 06:53 - 2011-01-01 03:01 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-15 23:43 - 2012-09-23 19:37 - 00002354 _____ () C:\Users\Tal\Desktop\Google Chrome.lnk
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-27 22:56
 
==================== End Of Log ============================
 
Addition Log-
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014
Ran by Tal at 2014-09-03 16:12:45
Running from C:\Users\Tal\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3825F8BD-F784-6FBB-A5CD-857559148007}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield Heroes (HKLM\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CSS FULL DZ [Oct 15 2007] v18.1 (HKLM\...\CSS FULL DZ [Oct 15 2007]) (Version: v18.1 - GrCs2Ek~)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Debugging Tools for Windows (HKLM\...\{F567DC55-F59A-4019-BBC3-9D12C5875487}) (Version: 6.5.3.8 - Microsoft Corporation)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
EA.com Matchup (HKLM\...\{2F173C40-563E-11D4-89C5-0010ADDAAC33}) (Version:  - )
EA.com Update (HKLM\...\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}) (Version:  - )
Easy Tune 6 B11.0630.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (Version: 1.00.0000 - GIGABYTE) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPU Temp version 1.0 (HKLM\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Image Resizer for Windows (HKLM\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Image Resizer for Windows (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.14.0.132 - LogMeIn, Inc.)
K-Lite Codec Pack 9.7.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Malwarebytes Anti-Malware גירסה 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 HEB Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Access MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Hebrew) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Russian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Hebrew) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5672 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11033_25 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11033_25 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ערכת שפה של Microsoft .NET Framework 4.5 HEB (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50709 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Tal\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3579686740-1948245414-1388583087-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tal\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
 
==================== Restore Points  =========================
 
30-07-2014 12:39:11 נקודת ביקורת מתוזמנת
30-07-2014 16:05:22 Windows Update
07-08-2014 19:34:10 נקודת ביקורת מתוזמנת
15-08-2014 20:38:39 נקודת ביקורת מתוזמנת
25-08-2014 08:18:28 נקודת ביקורת מתוזמנת
01-09-2014 20:14:48 Removed Java 7 Update 45
01-09-2014 20:18:45 SPTD setup V1.86
01-09-2014 20:45:19 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:04 - 2014-05-12 13:18 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {7031048E-07F6-434A-8FE5-10F67EA5D677} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-01] (AVAST Software)
Task: {E223D02C-23D6-4923-88E5-868992CE70FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001Core.job => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3579686740-1948245414-1388583087-1001UA.job => C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-01 23:46 - 2014-09-01 23:46 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-01 23:46 - 2014-09-01 23:46 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\14090102\algo.dll
2014-09-03 16:08 - 2014-09-03 16:08 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-08-30 23:22 - 2014-08-30 23:22 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-08-30 23:22 - 2014-08-30 23:22 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2011-01-03 19:53 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-09-01 23:46 - 2014-09-01 23:46 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 00718152 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 00126280 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 08537928 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 00353096 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 23:43 - 2014-08-07 06:20 - 01732936 _____ () C:\Users\Tal\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 11 Registration.lnk => C:\Windows\pss\FIFA 11 Registration.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: BitComet => "E:\Program Files\BitComet\BitComet.exe" /tray
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EasyTune => "C:\Program Files\GIGABYTE\ET6\ETCall.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Steam => "D:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/01/2014 11:45:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, ‏‏הגישה נדחתה.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
פעולה:
   אוסף נתוני כותב
 
הקשר:
   מזהה מחלקה של כותב: {e8132975-6f93-4464-a53e-1050253ae220}
   שם כותב: System Writer
   מזהה מופע של כותב: {b9368cf9-0928-4acb-9ca9-852b495fc243}
 
Error: (09/01/2014 11:18:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, ‏‏הגישה נדחתה.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
פעולה:
   אוסף נתוני כותב
 
הקשר:
   מזהה מחלקה של כותב: {e8132975-6f93-4464-a53e-1050253ae220}
   שם כותב: System Writer
   מזהה מופע של כותב: {8c841032-1779-4067-9386-db8d80670a9e}
 
Error: (09/01/2014 00:28:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: vprot.exe, גירסה: 18.1.9.786, חותמת זמן: 0x53e1081e
שם מודול שחלות בו תקלות: avgdttbx.dll_unloaded, גירסה: 0.0.0.0, חותמת זמן: 0x53aa7a6f
קוד חריגה: 0xc0000005
היסט תקלה: 0x6f7c73eb
מזהה תהליך שחלות בו תקלות: 0x17fc
שעת ההפעלה של היישום שחלות בו תקלות: 0xvprot.exe0
נתיב היישום שחלות בו תקלות: vprot.exe1
נתיב המודול שחלות בו תקלות: vprot.exe2
מזהה דוח: vprot.exe3
 
Error: (09/01/2014 00:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: vprot.exe, גירסה: 18.1.9.786, חותמת זמן: 0x53e1081e
שם מודול שחלות בו תקלות: avgdttbx.dll_unloaded, גירסה: 0.0.0.0, חותמת זמן: 0x53aa7a6f
קוד חריגה: 0xc0000005
היסט תקלה: 0x6f7f0c74
מזהה תהליך שחלות בו תקלות: 0x17fc
שעת ההפעלה של היישום שחלות בו תקלות: 0xvprot.exe0
נתיב היישום שחלות בו תקלות: vprot.exe1
נתיב המודול שחלות בו תקלות: vprot.exe2
מזהה דוח: vprot.exe3
 
Error: (08/30/2014 11:22:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0xac4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/30/2014 11:22:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x1734
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/29/2014 00:29:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x15e4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/29/2014 00:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x13e4
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/27/2014 10:19:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.2.183.21, חותמת זמן: 0x4b95e661
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0x6f0
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
Error: (08/25/2014 10:46:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏יישום שחלות בו תקלות: GoogleUpdate.exe, גירסה: 1.3.21.103, חותמת זמן: 0x4f3c6d6c
שם מודול שחלות בו תקלות: ntdll.dll, גירסה: 6.1.7600.16385, חותמת זמן: 0x4a5bdadb
קוד חריגה: 0xc0000005
היסט תקלה: 0x00034190
מזהה תהליך שחלות בו תקלות: 0xc8c
שעת ההפעלה של היישום שחלות בו תקלות: 0xGoogleUpdate.exe0
נתיב היישום שחלות בו תקלות: GoogleUpdate.exe1
נתיב המודול שחלות בו תקלות: GoogleUpdate.exe2
מזהה דוח: GoogleUpdate.exe3
 
 
System errors:
=============
Error: (08/27/2014 10:12:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/27/2014 01:54:23 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x00000028, 0x00000002, 0x00000001, 0x832681b9)C:\Windows\MEMORY.DMP082714-28002-01
 
Error: (08/27/2014 01:54:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:52:11 on ‎27/‎08/‎2014 was unexpected.
 
Error: (08/27/2014 00:16:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/26/2014 08:53:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות ShellHWDetection.
 
Error: (08/20/2014 06:19:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/17/2014 01:25:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/14/2014 03:12:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות ShellHWDetection.
 
Error: (08/13/2014 01:57:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
Error: (08/12/2014 00:24:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: ‏‏המערכת הגיעה לפרק זמן קצוב (30000 אלפיות שניה) במהלך המתנה לתגובת טרנזקציה משירות Netman.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 32%
Total physical RAM: 3326.49 MB
Available physical RAM: 2251.67 MB
Total Pagefile: 6651.26 MB
Available Pagefile: 4947.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.58 MB
 
==================== Drives ================================
 
Drive c: (Vol1) (Fixed) (Total:175.78 GB) (Free:134.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Vol2) (Fixed) (Total:195.31 GB) (Free:168.54 GB) NTFS
Drive e: (Vol3) (Fixed) (Total:225.07 GB) (Free:178.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4A894A89)
Partition 1: (Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.4 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
 
The machine works better, but the IE still not. 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP