Hi Zep516,
Thank you for taking time and responding for the issue. I have the scan done and below is the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by admin (administrator) on ADMIN-PC on 27-12-2014 10:44:27
Running from C:\Users\admin\Desktop
Loaded Profile: admin (Available profiles: admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
(Symantec) C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2763776 2009-10-28] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3081752 2014-12-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [b3d7ad373951cd040fb05f6d6f5bf314] => "C:\Users\admin\AppData\Local\Temp\winlog.exe" ..
HKLM-x32\...\Run: [mbot_in_166] => "C:\Program Files (x86)\mbot_in_166\mbot_in_166.exe"
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [321736 2014-09-13] ( New Softwares.net)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2014-09-13] (New Softwares.net)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3519936 2013-07-13] (Tonec Inc.)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [uTorrent] => C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-27] (BitTorrent Inc.)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [ares] => C:\Program Files (x86)\Ares\Ares.exe [935936 2013-07-19] (Seekar Ltd)
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Run: [b3d7ad373951cd040fb05f6d6f5bf314] => "C:\Users\admin\AppData\Local\Temp\winlog.exe" .. <===== ATTENTION
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: J - J:\SETUP.EXE
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: K - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: S - S:\AutoRun.exe
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: {0d06b142-bd94-11e2-a8db-806e6f6e6963} - J:\Autorun.exe
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: {736c575a-d190-11e2-a03c-806e6f6e6963} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: {8b5c64b7-4763-11e3-8ff8-8c89a518f86b} - K:\Startme.exe
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: {9b81d4fc-9785-11e3-882f-001b10002aec} - K:\Setup.exe /Auto
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\MountPoints2: {aa85edd2-7eb9-11e3-b3cc-001b10002aec} - K:\setup.exe -a
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...03RFXX92S5K03RF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...03RFXX92S5K03RF
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...03RFXX92S5K03RF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...03RFXX92S5K03RF
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-185604135-3677887699-3063072871-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...03RFXX92S5K03RF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartse...03RFXX92S5K03RF
SearchScopes: HKU\S-1-5-21-185604135-3677887699-3063072871-1000 -> URL http://www.trovigo.c...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-185604135-3677887699-3063072871-1000 -> SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
SearchScopes: HKU\S-1-5-21-185604135-3677887699-3063072871-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.websse...q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-185604135-3677887699-3063072871-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: Fast Start - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\Extensions\[email protected] [2014-12-25]
FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-17]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\Extensions\[email protected] [2014-12-13]
FF Extension: MeasureIt - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2014-12-13]
FF Extension: Web Developer - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-12-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9mr8nlll.default-1418472141609\extensions\[email protected]
FF HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\admin\AppData\Roaming\IDM\idmmzcc5 [2013-07-13]
FF HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\IDM\idmmzcc5
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.websse...03RFXX92S5K03RF
Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1419450276&from=exp&uid=TOSHIBAXMK1002TSKB_92S5K03RFXX92S5K03RF
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1419450276&from=exp&uid=TOSHIBAXMK1002TSKB_92S5K03RFXX92S5K03RF"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> http://istart.websse...q={searchTerms}
CHR DefaultSuggestURL: Default -> http://toolbar.avg.c...earchTerms}&o=1
CHR Plugin: (Shockwave Flash) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll ()
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll No File
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15]
CHR Extension: (AVG Secure Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-06]
CHR Extension: (Google News) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-09-15]
CHR Extension: (Easy Clock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplbpgapoedppajbikieafefmcceaagn [2014-09-15]
CHR Extension: (Freemake Video Converter) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-03-21]
CHR Extension: (Video Download Helper) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (MeasureIt) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokhcahijjfkdccinalifdifljglhclm [2014-09-15]
CHR HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\admin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - No Path
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.websse...03RFXX92S5K03RF
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2013-04-12] (CrypKey (Canada) Ltd.) [File not signed]
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92360 2014-09-13] (New Softwares.net)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-12] (Freemake) [File not signed]
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-29] ()
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
R2 UDisk Monitor; C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe [405504 2011-09-26] () [File not signed]
R2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2014-12-10] (AVG Secure Search)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-10] (AVG Technologies)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-09-06] (Sony Mobile Communications)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [31416 2013-04-12] ()
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2013-12-08] ()
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [34816 2014-09-13] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2013-12-08] (NewSoftwares.net, Inc.)
S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-11-04] (ZTEMT Incorporated)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
U2 V2iMount; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-27 10:44 - 2014-12-27 10:44 - 00000171 _____ () C:\Users\admin\Desktop\to be done dec last week.txt
2014-12-27 10:33 - 2014-12-27 10:37 - 00000061 _____ () C:\Users\admin\Desktop\bank RD and FD.txt
2014-12-27 10:19 - 2014-12-27 10:44 - 00030427 _____ () C:\Users\admin\Desktop\FRST.txt
2014-12-27 10:19 - 2014-12-27 10:42 - 00047841 _____ () C:\Users\admin\Desktop\Addition.txt
2014-12-27 10:18 - 2014-12-27 10:44 - 00000000 ____D () C:\FRST
2014-12-27 10:07 - 2014-12-27 10:08 - 02122752 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-12-26 21:20 - 2014-12-26 21:21 - 00000000 ____D () C:\Users\admin\Downloads\The Secret pdf+mp3 audiobook Rhonda Byrne
2014-12-26 04:01 - 2014-12-26 04:01 - 00000122 _____ () C:\Users\admin\Desktop\geeks to go forum.txt
2014-12-26 01:10 - 2014-12-26 01:15 - 00757598 _____ () C:\Users\admin\Desktop\30 things to failure.psd
2014-12-25 23:41 - 2014-12-25 23:41 - 00000377 _____ () C:\Users\admin\Desktop\question at jagoinvestor website articles.txt
2014-12-25 22:35 - 2014-12-25 23:31 - 00000440 _____ () C:\Users\admin\Desktop\about loans and interests and investments.txt
2014-12-25 19:29 - 2014-12-25 19:38 - 00000000 ____D () C:\Users\admin\Downloads\Lynda.com - SEO Fundamentals
2014-12-25 19:27 - 2014-12-25 19:27 - 00034163 _____ () C:\Users\admin\Downloads\[kickass.so]lynda.com.seo.fundamentals.torrent
2014-12-25 18:49 - 2014-12-25 19:00 - 00000000 ____D () C:\Users\admin\Desktop\seo tuts
2014-12-25 13:17 - 2014-12-25 18:50 - 00000000 ____D () C:\Users\admin\Downloads\Lynda - SEO for Local Visibility
2014-12-25 13:12 - 2014-12-25 16:42 - 00000000 ____D () C:\Users\admin\Downloads\SEO Experts Academy (MP4)
2014-12-25 12:29 - 2014-12-25 12:29 - 00000019 _____ () C:\Users\admin\Desktop\advaith.txt
2014-12-25 03:57 - 2014-12-25 03:57 - 00000813 _____ () C:\Users\admin\Desktop\to be learnt.txt
2014-12-25 02:06 - 2014-12-25 02:06 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 01:15 - 2014-12-25 08:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-25 01:14 - 2014-12-26 21:00 - 00000000 ____D () C:\Program Files (x86)\mbot_in_166
2014-12-25 01:14 - 2014-12-25 02:04 - 00000000 ____D () C:\Users\admin\AppData\Local\mbot_in_166
2014-12-25 01:14 - 2014-12-25 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-12-25 01:13 - 2014-12-25 02:08 - 00000000 ____D () C:\Program Files (x86)\GoForFiles
2014-12-25 01:13 - 2014-12-25 01:14 - 00000000 ____D () C:\Program Files (x86)\GoForFilesUpdater
2014-12-25 01:13 - 2014-12-25 01:13 - 00003096 _____ () C:\Windows\System32\Tasks\Update Service GoForFiles
2014-12-25 01:13 - 2014-12-25 01:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\GoforFiles
2014-12-25 01:13 - 2014-12-25 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GoForFiles
2014-12-25 01:10 - 2014-12-25 01:22 - 00000000 ____D () C:\Users\admin\Desktop\chats-ebooks
2014-12-25 00:08 - 2014-12-25 00:08 - 00000469 _____ () C:\Users\admin\Desktop\sites.lands.pots to look at buying from developers.txt
2014-12-24 23:58 - 2014-12-24 23:58 - 00003662 _____ () C:\Users\admin\Desktop\property authorities in bangalore.txt
2014-12-24 23:25 - 2014-12-24 23:26 - 00002032 _____ () C:\Users\admin\Desktop\upkar developers.txt
2014-12-24 21:53 - 2014-12-24 21:53 - 00000000 ____D () C:\Users\admin\Downloads\The UX Book Process and Guidelines- Hartson [PDF] [StormRG]
2014-12-24 10:47 - 2014-12-24 10:47 - 00000053 _____ () C:\Users\admin\Desktop\idea call from landline to customer care.txt
2014-12-24 10:06 - 2014-12-24 10:06 - 00000274 _____ () C:\Users\admin\Desktop\bma office address.txt
2014-12-20 19:54 - 2014-12-20 20:00 - 00000000 ____D () C:\Users\admin\Desktop\christmas stuff
2014-12-18 23:31 - 2014-12-18 23:57 - 00000000 ____D () C:\Users\admin\Desktop\print for chaitanya
2014-12-18 00:59 - 2014-12-18 01:45 - 00000000 ____D () C:\Users\admin\Downloads\Top 100 + Beatport Electro House (December 2014) Top100 [320kbps] [EDM RG] -B.Lee-
2014-12-18 00:36 - 2014-12-18 00:48 - 00000000 ____D () C:\Users\admin\Downloads\Ministry Of Sound The Sound Of Deep House 2 (2014)
2014-12-17 23:40 - 2014-12-18 00:12 - 00000000 ____D () C:\Users\admin\Downloads\DMC - DJ Promo 163 [Mp3][www.lokotorrents.com]
2014-12-17 00:48 - 2014-12-17 00:48 - 10804864 _____ () C:\Users\admin\Desktop\Dr_Dani_s_1_Creative_Thinking_Technique.mp4
2014-12-17 00:41 - 2014-12-17 00:42 - 37121595 _____ () C:\Users\admin\Desktop\Creative_thinking_-_how_to_get_out_of_the_box_and_generate_ideas_Giovanni_Corazza_at_TEDxRoma.mp4
2014-12-17 00:01 - 2014-12-17 00:02 - 41063641 _____ () C:\Users\admin\Desktop\Your_Personality_and_Your_Brain_Scott_Schwefel_TEDxBrookings.mp4
2014-12-15 23:22 - 2014-12-15 23:22 - 00000157 _____ () C:\Users\admin\Desktop\printxpress bangalore.txt
2014-12-15 03:12 - 2014-12-15 03:12 - 00000109 _____ () C:\Users\admin\Desktop\what does this mean.txt
2014-12-15 02:00 - 2014-12-15 02:00 - 00000063 _____ () C:\Users\admin\Desktop\awesome quotes.txt
2014-12-14 01:28 - 2014-12-14 01:28 - 00013863 _____ () C:\Users\admin\Desktop\[kickass.so]gnomon.syd.mead.1.thumbnail.sketching.and.line.drawing.avi.torrent
2014-12-14 01:12 - 2014-12-14 01:12 - 00000000 ____D () C:\Users\admin\Downloads\150 Masterpieces of Drawing
2014-12-14 01:11 - 2014-12-14 01:11 - 00009075 _____ () C:\Users\admin\Desktop\[kickass.so]150.masterpieces.of.drawing.dover.fine.art.history.of.art.gnv64.torrent
2014-12-14 01:05 - 2014-12-14 01:05 - 00000000 ____D () C:\Users\admin\Downloads\Illustrator's Guide to Pen and Pencil Drawing Techniques
2014-12-14 01:04 - 2014-12-14 01:04 - 00014405 _____ () C:\Users\admin\Desktop\[kickass.so]illustrator.s.guide.to.pen.and.pencil.drawing.techniques.gnv64.torrent
2014-12-14 00:46 - 2014-12-14 01:04 - 00000000 ____D () C:\Users\admin\Downloads\Transcendence (2014)
2014-12-14 00:39 - 2014-12-14 00:39 - 00009373 _____ () C:\Users\admin\Desktop\[kickass.so]transcendence.2014.720p.brrip.x264.yify.torrent
2014-12-14 00:25 - 2014-12-14 00:25 - 00000000 ____D () C:\Users\admin\Downloads\Gone.Girl.2014.HDRip.XviD-SaM[ETRG]
2014-12-14 00:24 - 2014-12-14 00:24 - 00015035 _____ () C:\Users\admin\Desktop\[kickass.so]gone.girl.2014.hdrip.xvid.sam.etrg.torrent
2014-12-14 00:22 - 2014-12-14 00:33 - 00000000 ____D () C:\Users\admin\Downloads\The Equalizer (2014)
2014-12-14 00:22 - 2014-12-14 00:22 - 00009530 _____ () C:\Users\admin\Desktop\[kickass.so]the.equalizer.2014.720p.brrip.x264.yify.torrent
2014-12-13 23:56 - 2014-12-25 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools PDF Unlocker - v3.0 (Demo Version)
2014-12-13 23:56 - 2014-12-13 23:57 - 00000000 ____D () C:\Program Files (x86)\SysTools PDF Unlocker - v3.0 (Demo Version)
2014-12-13 23:56 - 2014-12-13 23:56 - 00001144 _____ () C:\Users\Public\Desktop\SysTools PDF Unlocker - v3.0 (Demo Version).lnk
2014-12-13 23:55 - 2014-12-13 23:56 - 00000000 ____D () C:\Users\admin\Downloads\PDF Unlocker 3.0 incl Cracked-DJiNN
2014-12-13 23:55 - 2014-12-13 23:55 - 00001395 _____ () C:\Users\admin\Desktop\[kickass.so]pdf.unlocker.3.0.incl.cracked.djinn.torrent
2014-12-13 22:54 - 2014-12-25 08:04 - 00000182 ____N () C:\spyhunter.log
2014-12-13 17:32 - 2014-12-13 17:32 - 00000000 ____D () C:\Users\admin\Desktop\Old Firefox Data
2014-12-13 17:25 - 2014-12-25 02:35 - 00000441 _____ () C:\sh4_service.log
2014-12-13 17:10 - 2014-12-13 17:10 - 00003338 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-13 17:10 - 2014-12-13 17:10 - 00002291 _____ () C:\Users\admin\Desktop\SpyHunter.lnk
2014-12-13 17:10 - 2014-12-13 17:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-12-13 17:10 - 2014-12-13 17:10 - 00000000 ____D () C:\sh4ldr
2014-12-13 17:10 - 2014-12-13 17:10 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-12-13 17:09 - 2014-12-13 17:10 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-12-13 16:59 - 2014-12-13 17:00 - 00000000 ____D () C:\Users\admin\Downloads\SpyHunter 4.1.11.0 + Crack
2014-12-13 15:35 - 2014-12-13 15:35 - 00000000 _____ () C:\autoexec.bat
2014-12-13 02:30 - 2014-12-13 05:26 - 00020500 _____ () C:\Program Files\.tmp
2014-12-13 02:29 - 2014-09-27 17:52 - 00408064 _____ () C:\Program Files\Whatsapp spy tool.exe
2014-12-12 01:45 - 2014-12-12 01:53 - 00000000 ____D () C:\Users\admin\Downloads\Implementing Responsive Design V413HAV
2014-12-12 00:48 - 2014-12-12 00:51 - 00000000 ____D () C:\Users\admin\Downloads\Maxwell Maltz - Psycho-Cybernetics [Mind Control]
2014-12-11 20:20 - 2014-12-11 20:20 - 06126536 _____ (Tim Kosse) C:\Users\admin\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-12-11 12:57 - 2014-12-11 12:58 - 00000000 ____D () C:\Users\admin\Downloads\OGWhatsAppv2.11.432 Cracked Apk Is Here From JT Uploader
2014-12-11 12:57 - 2014-12-11 12:57 - 00014388 _____ () C:\Users\admin\Desktop\[kickass.so]ogwhatsappv2.11.432.cracked.2.numbers.in.1.device.from.jt.uploader.torrent
2014-12-10 21:02 - 2014-12-10 21:02 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-10 00:58 - 2014-12-26 04:01 - 00004703 _____ () C:\Users\admin\Desktop\xx.txt
2014-12-06 22:31 - 2014-12-06 22:58 - 00000000 ____D () C:\Users\admin\Desktop\e-books
2014-12-05 20:52 - 2014-12-09 11:15 - 00000471 _____ () C:\Users\admin\Desktop\TO BE DONE FOR FREELANCE WORKS.txt
2014-12-05 20:48 - 2014-12-14 20:36 - 00000759 _____ () C:\Users\admin\Desktop\december expeneses.txt
2014-12-04 01:55 - 2014-12-04 01:55 - 00000201 _____ () C:\Users\admin\Desktop\ksrtc bus seats - What the... are those.txt
2014-12-01 03:04 - 2014-12-19 01:21 - 00000000 ____D () C:\Users\admin\Desktop\DOC XLS PPT
2014-12-01 03:03 - 2014-12-01 03:04 - 00000000 ____D () C:\Users\admin\Desktop\TEXT FILES
2014-12-01 03:02 - 2014-12-11 13:02 - 00000000 ____D () C:\Users\admin\Desktop\IMAGES
2014-12-01 01:08 - 2014-12-01 01:08 - 00001266 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2014.lnk
2014-11-30 22:47 - 2014-11-30 22:47 - 00000000 ____D () C:\Users\admin\AppData\Local\Apps\2.0
2014-11-30 00:32 - 2014-11-30 20:14 - 00000000 ____D () C:\Users\admin\Downloads\The 7 Habits of Highly Effective People
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-27 10:44 - 2013-06-10 11:18 - 00000000 ____D () C:\Users\admin\Downloads\Video
2014-12-27 10:44 - 2013-05-16 00:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-27 10:42 - 2013-05-23 22:57 - 87677254 _____ () C:\Windows\setupact.log
2014-12-27 10:35 - 2013-06-15 01:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\uTorrent
2014-12-27 10:35 - 2013-06-10 11:18 - 00000000 ____D () C:\Users\admin\AppData\Roaming\DMCache
2014-12-27 10:18 - 2013-06-10 11:22 - 00000000 ____D () C:\ProgramData\MCShield
2014-12-27 10:10 - 2013-05-16 00:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-27 10:06 - 2012-11-16 03:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-27 10:05 - 2009-07-14 10:15 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-27 10:05 - 2009-07-14 10:15 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-27 02:49 - 2012-11-16 02:49 - 00000000 ____D () C:\Users\admin
2014-12-27 02:19 - 2013-06-15 16:37 - 00000000 ____D () C:\Users\admin\AppData\Local\CutePDF Writer
2014-12-27 02:18 - 2012-11-16 04:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\PrimoPDF
2014-12-27 02:00 - 2014-07-19 14:21 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-26 22:35 - 2009-07-14 10:43 - 00793008 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 21:20 - 2014-01-27 15:31 - 00000000 ____D () C:\Users\admin\Desktop\new torrents
2014-12-26 21:06 - 2012-11-16 03:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 15:16 - 2012-11-16 03:03 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{69FEF8D0-DC7E-4175-BB5D-65F44A3CE54C}
2014-12-26 13:41 - 2014-11-16 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 13:40 - 2009-07-14 08:04 - 00000539 _____ () C:\Windows\win.ini
2014-12-26 13:39 - 2014-10-05 15:29 - 00011350 _____ () C:\Windows\errord.log
2014-12-26 13:39 - 2014-10-05 15:29 - 00009548 _____ () C:\Windows\error.log
2014-12-26 13:39 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 04:02 - 2014-11-06 23:55 - 00045762 _____ () C:\Windows\SysWOW64\debug.log
2014-12-26 03:42 - 2013-07-03 00:33 - 00000000 ____D () C:\Users\admin\AppData\Roaming\FileZilla
2014-12-26 01:21 - 2014-11-22 14:40 - 01309270 _____ () C:\Users\admin\Desktop\MY ACHIEVEMENTS FOR REST OF THE LIFE - PERSONAL AND PROFESSIONAL GROWTH - WHERE I STAND ver02.ai
2014-12-25 23:11 - 2014-11-12 02:03 - 00000034 _____ () C:\Users\admin\AppData\Roaming\AdobeWLCMCache.dat
2014-12-25 04:02 - 2014-08-29 22:45 - 00000000 ____D () C:\Users\admin\Downloads\Self.Help.-.Hypnosis.-.NLP.-.Neuro.Linguistic.Programming.-.Evil.Minded.Guy.-.Curse.[bleep].Growth
2014-12-25 03:36 - 2014-09-11 00:53 - 00000000 ____D () C:\Users\admin\AppData\Local\Avg2015
2014-12-25 03:25 - 2013-08-11 03:05 - 00000000 ____D () C:\Program Files (x86)\Ares
2014-12-25 02:40 - 2014-11-10 22:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-25 02:03 - 2009-07-14 10:38 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-25 01:16 - 2014-11-16 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-25 01:16 - 2014-10-05 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceMoney
2014-12-25 01:16 - 2014-10-05 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash
2014-12-25 01:16 - 2014-09-22 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2014-12-25 01:16 - 2014-09-11 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-25 01:16 - 2014-08-28 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2014-12-25 01:16 - 2014-08-28 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daossoft ZIP Password Recovery
2014-12-25 01:16 - 2014-02-07 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Make Your Words Sell!
2014-12-25 01:16 - 2013-12-08 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock
2014-12-25 01:16 - 2013-09-14 00:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R-Studio
2014-12-25 01:16 - 2013-08-25 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6
2014-12-25 01:16 - 2013-08-11 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
2014-12-25 01:16 - 2013-07-18 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-25 01:16 - 2013-07-15 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-12-25 01:16 - 2013-07-13 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-12-25 01:16 - 2013-07-11 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-12-25 01:16 - 2013-07-06 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
2014-12-25 01:16 - 2013-07-03 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-12-25 01:16 - 2013-06-29 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Gear
2014-12-25 01:16 - 2013-06-29 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thumbnail Selector
2014-12-25 01:16 - 2013-06-29 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WT-4 Setup Utility
2014-12-25 01:16 - 2013-06-15 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-25 01:16 - 2013-06-15 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-12-25 01:16 - 2013-06-11 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2014-12-25 01:16 - 2013-05-23 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-12-25 01:16 - 2012-11-16 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
2014-12-25 01:16 - 2012-11-16 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-12-25 01:16 - 2012-11-16 04:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-25 01:16 - 2012-11-16 03:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
2014-12-25 01:16 - 2012-11-16 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-25 01:16 - 2012-11-16 03:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-25 01:16 - 2012-11-16 03:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-25 01:16 - 2012-11-16 03:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-25 01:16 - 2012-11-16 03:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-12-25 01:16 - 2009-07-14 11:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-25 01:16 - 2009-07-14 08:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-25 01:16 - 2009-07-14 08:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-25 01:15 - 2014-11-26 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 01:15 - 2014-09-13 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-12-25 01:15 - 2014-04-09 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Traktor DJ Studio 3
2014-12-25 01:15 - 2013-12-08 21:00 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IETester
2014-12-25 01:15 - 2013-09-17 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-25 01:15 - 2013-06-29 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture NX 2
2014-12-25 01:15 - 2013-06-15 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-12-25 01:15 - 2013-06-10 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-12-25 01:15 - 2012-11-16 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-12-25 01:15 - 2012-11-16 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2014-12-25 01:14 - 2012-11-16 03:34 - 00002055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-25 01:14 - 2012-11-16 02:50 - 00001634 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-24 21:44 - 2014-10-05 15:29 - 00002240 _____ () C:\Windows\system32\esnecil.ind
2014-12-24 21:44 - 2014-10-05 15:29 - 00000004 _____ () C:\Windows\vx86036.dat
2014-12-24 21:44 - 2014-10-05 15:29 - 00000000 ____D () C:\Users\admin\Documents\MProfit Data
2014-12-24 04:48 - 2013-06-15 16:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-12-19 22:57 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 09:50 - 2013-05-16 00:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-18 09:50 - 2012-11-16 03:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-18 09:50 - 2012-11-16 03:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 00:01 - 2014-02-08 01:57 - 00000000 ____D () C:\Users\admin\dwhelper
2014-12-15 01:48 - 2012-11-16 03:35 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2014-12-14 02:02 - 2013-09-08 11:39 - 00001456 _____ () C:\Users\admin\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-12-13 18:36 - 2013-06-10 11:18 - 00000000 ____D () C:\Users\admin\Downloads\Compressed
2014-12-13 17:22 - 2014-03-21 22:39 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-12-13 17:21 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\Registration
2014-12-13 17:06 - 2013-06-15 14:10 - 00221964 _____ () C:\Windows\PFRO.log
2014-12-13 16:08 - 2014-09-11 00:56 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-11 10:15 - 2013-05-23 22:56 - 08924944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-11 10:15 - 2012-11-16 03:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 00:53 - 2013-05-23 22:57 - 00611064 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-10 22:07 - 2014-11-06 23:55 - 00052000 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-12-10 22:07 - 2014-11-06 23:55 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-12-02 21:35 - 2014-05-13 22:00 - 00000000 ____D () C:\Users\admin\Desktop\DOC AND XLS
2014-12-01 01:12 - 2013-09-01 14:08 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-01 01:07 - 2012-11-16 04:29 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-12-01 01:07 - 2012-11-16 04:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-01 01:05 - 2013-06-10 11:14 - 00068959 _____ () C:\Windows\WindowsUpdate.log
2014-11-30 20:47 - 2014-08-28 00:50 - 00000000 ____D () C:\Users\admin\Desktop\personal
2014-11-29 17:09 - 2014-08-29 23:42 - 00000000 ____D () C:\Users\admin\Downloads\NLP Hypnosis Dr Richard Bandler VIDEO seminars Compilation
2014-11-29 17:03 - 2013-09-01 13:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-29 17:03 - 2013-09-01 13:30 - 00000000 ____D () C:\Program Files\Adobe
2014-11-29 17:01 - 2012-11-16 04:29 - 00000000 ____D () C:\ProgramData\Adobe
Files to move or delete:
====================
C:\Users\admin\en_res.dll
C:\Users\admin\es_res.dll
C:\Users\admin\fr_res.dll
C:\Users\admin\grm_res.dll
C:\Users\admin\it_res.dll
C:\Users\admin\jp_res.dll
C:\Users\admin\mfc80u.dll
C:\Users\admin\msvcr80.dll
C:\Users\admin\PCPE Setup.exe
C:\Users\admin\pt_res.dll
C:\Users\admin\ResourceReader.dll
C:\Users\admin\ru_res.dll
C:\Users\admin\zh_res.dll
C:\ProgramData\win_mpwd_sys.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-26 22:30
==================== End Of Log ============================
And below is the Addition log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by admin at 2014-12-27 10:44:59
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AMD Catalyst Install Manager (HKLM\...\{10ADF519-706B-6EC7-A1A7-A2580D920457}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ares 2.2.5 (HKLM-x32\...\Ares) (Version: 2.2.5-Build#3049 - Seekar Ltd)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
CanSecure-Retail (HKLM-x32\...\{5E4D6466-1917-4F6A-91FC-0A3EE4F31181}) (Version: 1.1.912 - Canara Bank)
Capture NX 2 (HKLM-x32\...\Capture NX 2) (Version: 2.0.0 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.0 - Corel Corporation) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
Daossoft ZIP Password Recovery 7.0.0.1 (HKLM-x32\...\Daossoft ZIP Password Recovery) (Version: 7.0.0.1 - Daossoft)
DAPlayer 1.0.1.9 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Dropbox (HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Dropbox) (Version: 2.10.41 - Dropbox, Inc.)
eMule (HKLM-x32\...\eMule) (Version: - )
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: 1.0 - )
EVEREST Ultimate Edition v2.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 2.50 - Lavalys Inc)
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.0.0 - Nikon)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.47 - FileZilla Project)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
gBurner (HKLM-x32\...\gBurner) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
GoForFiles (HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\GoForFiles) (Version: 3.14.52 - http://www.fansfile.biz) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM-x32\...\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}) (Version: 4.2.198.2451 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
High-Definition Video Playback (x32 Version: 11.1.10400.2.65 - Nero AG) Hidden
HydraVision (x32 Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden
IE Download Helper (HKLM-x32\...\{424E1389-2414-4394-9476-5D26316F291F}) (Version: 3.5 - IE Download Helper)
IETester v0.5.2 (remove only) (HKLM-x32\...\IETester) (Version: 0.5.2 - Core Services)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
K-Lite Mega Codec Pack 10.7.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.1 - )
Make Your Words Sell! (HKLM-x32\...\MYWSuninstall) (Version: - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM-x32\...\Office15.SharePointDesigner) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MoneyManagerEX 1.1.0 (HKLM\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 1.1.0 - Money Manager EX)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)
MProfit Investor - Portfolio Management Software (HKLM-x32\...\{2656F6FE-7B95-4F33-9B56-8998C78C451C}) (Version: 9.4.1013 - MProfit)
MyBestOffersToday 016.166 (HKLM-x32\...\mbot_in_166_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION
Native Instruments Traktor DJ Studio 3 (HKLM-x32\...\Native Instruments Traktor DJ Studio 3) (Version: - )
Nero 11 (HKLM-x32\...\{F021D637-BBDA-486B-96F0-225B62596C3B}) (Version: 11.0.11000 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.10000.1.0 - Nero AG)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon RAW Codec (HKLM-x32\...\{C8616041-2802-4DE2-B3BD-6285AAD65C2A}) (Version: 1.00.0000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.1 - Nikon)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
Opera 12.01 (HKLM-x32\...\Opera 12.01.1532) (Version: 12.01.1532 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.6 - PowerISO Computing, Inc.)
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Reliance Netconnect+ (HKLM\...\ZTEWireless-101_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
R-Studio 5.0 (HKLM-x32\...\R-Studio 5.0NSIS) (Version: 5.0.129021 - R-Tools Technology Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.12.201408250841 - Sony Mobile Communications AB)
Sony PC Companion 2.10.221 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Sony Sound Forge 8.0 (HKLM-x32\...\{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}) (Version: 8.0.53 - Sony)
Speed Gear v7.2 (HKLM-x32\...\Speed Gear_is1) (Version: - )
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SysTools PDF Unlocker - v3.0 (HKLM-x32\...\{FBD68E88-2999-43B7-B249-E1B08FA2B065}_is1) (Version: - SysTools Software)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TeraCopy 2.3 beta (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Thumbnail Selector (HKLM-x32\...\{DD6967E0-904C-4394-A4AE-C2335E495933}) (Version: 1.1.0 - Nikon)
Update Service GoForFiles (HKU\S-1-5-21-185604135-3677887699-3063072871-1000\...\Update Service GoForFiles) (Version: 3.14.52 - http://www.fansfile.biz) <==== ATTENTION
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
VirtuaGirl HD (HKLM\...\vghd) (Version: - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version: - webssearches) <==== ATTENTION
welcome (x32 Version: 11.0.21500.0.4 - Nero AG) Hidden
Who Is On My Wifi version 2.0.9 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.0.9 - IO3O LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
WinHTTrack Website Copier 3.47-21 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.47.21 - HTTrack)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
WinZip 11.1 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}) (Version: 11.1.7466 - WinZip Computing, S.L. )
WordWeb (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software)
WT-4 Setup Utility (HKLM-x32\...\{6C89746F-CB7A-4BCA-88B9-03BBD2BA5600}) (Version: 1.1.0 - Nikon)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.4.2012.1 - URSoft, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185604135-3677887699-3063072871-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
27-12-2014 00:08:14 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 08:04 - 2014-12-26 13:39 - 00006959 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
There are 169 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {07FB937F-0DE2-452F-8D4F-55F8BBD251D6} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe <==== ATTENTION
Task: {2E8CF13D-A2CC-49A7-9413-39568BC0335C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {30FB5F1B-1184-407D-A75A-45B3C9C8559D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-04] ()
Task: {382ED54F-9F20-442F-892D-AEF7F3AA3912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-16] (Google Inc.)
Task: {5718ADA5-16AA-4529-9DA6-B280FD224AE1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5DE6264B-2042-4C12-9084-36127CB2865A} - System32\Tasks\AdobeAAMUpdater-1.0-admin-PC-admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {71B400E5-CDCE-4DF3-AFDE-F4C1C983C545} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-18] (Adobe Systems Incorporated)
Task: {C6448A3A-32A9-4C6E-B0B2-BE171EFD116B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {D6CD6B98-747E-4D6E-BBD2-C8E5F4004EBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-16] (Google Inc.)
Task: {F99419AA-0A11-4879-9FFB-51B88C233367} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-12-13] (Enigma Software Group USA, LLC.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-11-16 04:29 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2012-11-16 04:30 - 2009-07-31 07:28 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2014-05-03 23:19 - 2013-06-06 11:54 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-06-29 01:38 - 2013-06-29 01:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-18 09:17 - 2011-09-26 12:05 - 00405504 _____ () C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe
2014-12-10 22:08 - 2014-12-10 22:07 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
2012-10-01 20:34 - 2012-10-01 20:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-16 03:29 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-11-16 03:37 - 2012-01-20 10:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2014-05-02 00:59 - 2014-05-02 00:59 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-23 22:43 - 2009-05-07 14:21 - 00071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-05-23 22:43 - 2009-05-07 14:23 - 00379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-05-23 22:43 - 2008-01-18 12:20 - 00098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-05-23 22:43 - 2009-10-28 07:56 - 47601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-11-06 23:55 - 2014-12-10 22:07 - 03081752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2011-07-28 17:55 - 2011-07-28 17:55 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-10 22:08 - 2014-12-10 22:07 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll
2014-11-06 23:55 - 2014-11-06 23:55 - 01685528 ____N () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2014-09-06 22:14 - 2014-09-06 22:14 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 22:11 - 2014-05-24 22:11 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 22:11 - 2014-05-24 22:11 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-11-10 22:54 - 2014-12-10 22:08 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-18 09:50 - 2014-12-18 09:50 - 16843952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^APC UPS Status.lnk => C:\Windows\pss\APC UPS Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\Windows\pss\Nikon Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk => C:\Windows\pss\DesktopVideoPlayer.lnk.Startup
MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: Display => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: googletalk => C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: uTorrent => "C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WordWeb => "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup
========================= Accounts: ==========================
admin (S-1-5-21-185604135-3677887699-3063072871-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-185604135-3677887699-3063072871-500 - Administrator - Disabled)
ASPNET (S-1-5-21-185604135-3677887699-3063072871-1003 - Limited - Enabled)
Guest (S-1-5-21-185604135-3677887699-3063072871-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2014 10:22:23 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.17929 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 9036. Message ID: [0x2509].
Error: (12/26/2014 01:41:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2014 11:13:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2014 02:36:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2014 02:06:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b88
Start Time: 01d01fb8f08ec72a
Termination Time: 37
Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
Report Id: 7bcee2fd-8bac-11e4-a696-001b10002aec
Error: (12/25/2014 02:05:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2014 01:14:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x1f90
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (12/23/2014 08:48:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2014 11:51:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/20/2014 07:19:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/27/2014 02:51:45 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
Error: (12/26/2014 11:19:31 PM) (Source: Virtual Disk Service) (EventID: 9) (User: )
Description: Unexpected provider failure. Restarting the service may fix the problem. Error code: 80004005@02000014
Error: (12/26/2014 11:19:31 PM) (Source: Virtual Disk Service) (EventID: 9) (User: )
Description: Unexpected provider failure. Restarting the service may fix the problem. Error code: 80004005@02000014
Error: (12/26/2014 11:19:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004
Error: (12/26/2014 11:19:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004
Error: (12/26/2014 01:41:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Error: (12/26/2014 04:02:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (12/25/2014 11:13:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Error: (12/25/2014 04:45:21 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (12/25/2014 02:36:35 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-10-18 13:03:45.380
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-18 13:03:45.355
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-18 13:03:45.035
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-10-18 13:03:45.004
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-09-11 00:47:05.591
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-09-11 00:47:05.572
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-09-11 00:47:04.803
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-09-11 00:47:04.783
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-05-03 23:11:03.895
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-05-03 23:11:03.879
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\admin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 47%
Total physical RAM: 4095.18 MB
Available physical RAM: 2140.77 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5155.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:150.39 GB) (Free:40.47 GB) NTFS
Drive d: (SKA) (Fixed) (Total:150.39 GB) (Free:17.96 GB) NTFS
Drive e: (MOVIES) (Fixed) (Total:150.39 GB) (Free:4.75 GB) NTFS
Drive f: (MUSIC) (Fixed) (Total:150.39 GB) (Free:8.36 GB) NTFS
Drive g: (GAMES) (Fixed) (Total:150.39 GB) (Free:7.03 GB) NTFS
Drive h: (SOFTWARES) (Fixed) (Total:165.33 GB) (Free:10.31 GB) NTFS
Drive i: (RECOVERY PARTITION) (Fixed) (Total:14.12 GB) (Free:6.3 GB) NTFS
Drive j: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
Drive l: (WD SmartWare) (CDROM) (Total:0.62 GB) (Free:0 GB) UDF
Drive n: (My Book) (Fixed) (Total:930.86 GB) (Free:8.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2CBCDF0E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=630.6 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 000564D0)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Edited by Dave_83, 26 December 2014 - 11:19 PM.