Slow running computer with crashes [Solved]


  • This topic is locked

#1
mpearsonmadrid

  • Member
  • 59 posts

I have been experiencing a slower than usual computer speed with crashes for the last few days. It may or may not be relevant but my anti virus programme keeps blocking 'fbexternal-a-akamaihd.net' on the FB site. This blocking can happen several times a minute and is becoming extremely annoying. I wonder if you could help me out?


Edited by mpearsonmadrid, 22 February 2015 - 10:18 AM.

  • 0



#2
mpearsonmadrid

  • Topic Starter
  • Member
  • 59 posts

Now another site is being blocked frequently when I am on the BBC site: new.bbcimg.co.uk. I can't remember ever having so many of these pop up blocking reports before. 


  • 0

#3
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi there,

 

Let's have a look with this tool.

 

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.


  • 0

#4
mpearsonmadrid

  • Topic Starter
  • Member
  • 59 posts

Thank you for coming to my assistance, you are very kind.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by michael (administrator) on MICHAEL-PC on 23-02-2015 18:01:02
Running from C:\Users\michael\Desktop
Loaded Profiles: michael (Available profiles: michael)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Docking\ASUS Docking.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(CyberLink) C:\Program Files (x86)\ASUS\ASUS Cam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink Corp.) C:\Program Files (x86)\ASUS\ASUS Cam\YouCam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe
(SlySoft, Inc.) D:\CloneCD\CloneCDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x64\QuickGesture64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Touch Tech\AsusMagnifier3D.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager Suite\ASUSManager.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMOSDControl\EMOSDControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMMessageParser.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsEjectHelper.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
() C:\Users\michael\Desktop\unblock-us.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ASUS Docking] => C:\Program Files\ASUS\ASUS Docking\ASUS Docking.exe [443568 2011-06-29] (ASUSTek Computer Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe [790552 2007-04-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [188416 2011-12-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\ASUS\ASUS Cam\YCMMirage.exe [136488 2011-04-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\ASUS\ASUS Cam\YouCam.exe [228448 2011-04-27] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2984688 2012-02-07] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AsShellApplication] => C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe [232064 2010-08-04] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [OOBESetup] => C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [334848 2009-11-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [CloneCDTray] => D:\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\...\Run: [Spotify Web Helper] => C:\Users\michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-22] (Spotify Ltd)
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-02-19] (SlySoft, Inc.)
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\...\Run: [IRNeroReboot] => "C:\Users\michael\Downloads\Nero_BurningROM2015_setup-16.3c_trial.exe" /reboot="1"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com/
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-1766344377-2534232920-1847158327-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12A45CB6-6944-46AE-BE08-DD0DB3A41E96}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5285B095-A5B5-4F8F-AFD8-B2000FCD4C47}: [NameServer] 208.122.23.22,208.122.23.23
 
FireFox:
========
FF ProfilePath: C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1766344377-2534232920-1847158327-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default\user.js
FF Extension: Media Player for YouTube™ - C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default\Extensions\[email protected] [2014-09-12]
FF Extension: Adblock Plus - C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014-09-21]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://uk.yahoo.com/
CHR StartupUrls: Default -> "hxxp://www.yahoo.co.uk/"
CHR DefaultSearchKeyword: Default -> yahoo.co.uk
CHR DefaultSearchURL: Default -> http://uk.search.yah...-8&fr=yfp-t-702
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-21]
CHR Extension: (YouTube) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google Search) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-21]
CHR Extension: (jobehlihkogkaopjdeomandehpjiljjn) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobehlihkogkaopjdeomandehpjiljjn [2014-09-16]
CHR Extension: (Google Wallet) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (ScriptSafe) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-02-22]
CHR Extension: (Gmail) - C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-15] (Hewlett-Packard) [File not signed]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-15] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 DVB7700ALL; C:\Windows\System32\Drivers\dvb7700all.sys [994304 2011-01-03] (DiBcom) [File not signed]
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 hidfilter; C:\Windows\System32\DRIVERS\hidfilter.sys [25728 2011-12-28] (ASUS Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-08] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-08] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 NWVoltron; C:\Windows\system32\drivers\NWVoltron.sys [28440 2011-05-25] ()
S3 NWWakeFilterV; C:\Windows\system32\drivers\NWWakeFilterV.sys [16152 2011-05-25] (n/a)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-12] ()
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-23 18:01 - 2015-02-23 18:01 - 00024016 _____ () C:\Users\michael\Desktop\FRST.txt
2015-02-23 17:59 - 2015-02-23 18:01 - 00000000 ____D () C:\FRST
2015-02-23 17:59 - 2015-02-23 17:59 - 02087424 _____ (Farbar) C:\Users\michael\Desktop\FRST64.exe
2015-02-22 13:23 - 2015-02-22 13:23 - 00001757 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-22 13:23 - 2015-02-22 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-22 13:22 - 2015-02-22 13:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-22 13:22 - 2015-02-22 13:23 - 00000000 ____D () C:\Program Files\iTunes
2015-02-22 13:22 - 2015-02-22 13:22 - 00000000 ____D () C:\Program Files\iPod
2015-02-22 13:22 - 2015-02-22 13:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-21 16:57 - 2015-02-21 16:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3A604F52.sys
2015-02-21 13:53 - 2015-02-21 13:53 - 11737488 _____ () C:\Users\michael\Downloads\SetupAnyDVD7580.exe
2015-02-20 11:08 - 2015-02-20 11:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\62AD7685.sys
2015-02-17 17:40 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 17:40 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 17:40 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 17:40 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 18:47 - 2015-02-16 18:48 - 00012369 _____ () C:\Users\michael\Desktop\Prescription.odt
2015-02-14 19:41 - 2015-02-14 19:41 - 00000000 ____D () C:\Users\michael\AppData\Local\{4243A5FB-D22F-47FD-BE23-944A44BB0F6D}
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BBC iPlayer
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\Users\michael\AppData\Local\BBC
2015-02-12 14:33 - 2015-02-12 14:33 - 21602304 _____ () C:\Users\michael\Downloads\BBC-iPlayer-Downloads-1.11.1(2).msi
2015-02-12 14:32 - 2015-02-12 14:32 - 21602304 _____ () C:\Users\michael\Downloads\BBC-iPlayer-Downloads-1.11.1(1).msi
2015-02-12 14:31 - 2015-02-12 14:31 - 21602304 _____ () C:\Users\michael\Downloads\BBC-iPlayer-Downloads-1.11.1.msi
2015-02-12 09:26 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 09:26 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 09:26 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 09:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:00 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:00 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:00 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:00 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:00 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 09:00 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:00 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:00 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:00 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:00 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:00 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:00 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:00 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:00 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:00 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:00 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:00 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:00 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:00 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 09:00 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:00 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 09:00 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:00 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:00 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 09:00 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:00 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:00 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 09:00 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 09:00 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 09:00 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:00 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 09:00 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 09:00 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 09:00 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 09:00 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 09:00 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:00 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:00 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:00 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:00 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 09:00 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:00 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 09:00 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 09:00 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 09:00 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 09:00 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:00 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 09:00 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 09:00 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 09:00 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 09:00 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:00 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:00 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 09:00 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 09:00 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:00 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 09:00 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 08:59 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 08:59 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 08:59 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 08:59 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 08:59 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 08:59 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 08:59 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 08:59 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 08:59 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 08:59 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 08:59 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 08:59 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 08:59 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 08:59 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 08:59 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 08:59 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 08:59 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 08:59 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 08:59 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:59 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 08:59 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 08:59 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 08:59 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 08:59 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 08:59 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 08:59 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 08:59 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 08:58 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 08:58 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 08:58 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 08:58 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 08:58 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 08:58 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 08:58 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 08:58 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 08:58 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 08:58 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-09 20:26 - 2015-02-09 20:26 - 00018646 _____ () C:\Users\michael\Downloads\Ficha ayuntamiento.zip
2015-02-05 08:08 - 2015-02-05 10:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\00F658BF.sys
2015-02-02 13:11 - 2015-02-02 13:11 - 00000000 ____D () C:\Users\michael\AppData\Local\{911C44FC-1D2F-42E6-BA0D-1F48DCDACAAE}
2015-02-02 09:29 - 2015-02-23 16:10 - 00003284 _____ () C:\Windows\System32\Tasks\Unblock-us
2015-02-01 19:06 - 2015-02-01 19:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\004317B7.sys
2015-01-30 19:01 - 2015-01-30 19:01 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\39E877DA.sys
2015-01-27 13:05 - 2015-01-27 13:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-23 17:49 - 2014-09-12 16:26 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-23 17:40 - 2014-09-12 15:26 - 02062237 _____ () C:\Windows\WindowsUpdate.log
2015-02-23 17:38 - 2014-10-28 21:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-23 17:08 - 2014-10-14 17:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-23 16:26 - 2014-09-21 18:21 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-23 16:18 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-23 16:18 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-23 16:15 - 2009-07-14 06:13 - 00797850 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 16:10 - 2014-09-12 16:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-23 16:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-23 16:09 - 2009-07-14 05:51 - 00180982 _____ () C:\Windows\setupact.log
2015-02-23 13:32 - 2014-09-13 08:25 - 00000000 ____D () C:\Users\michael\AppData\Roaming\Spotify
2015-02-23 13:07 - 2014-09-13 08:26 - 00000000 ____D () C:\Users\michael\AppData\Local\Spotify
2015-02-22 19:21 - 2014-11-10 13:59 - 00000166 ___SH () C:\ProgramData\.zreglib
2015-02-22 13:22 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-22 12:21 - 2014-09-12 18:19 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-02-21 13:54 - 2014-11-10 09:11 - 00001109 _____ () C:\Users\Public\Desktop\AnyDVD.lnk
2015-02-20 00:51 - 2014-09-12 16:27 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 08:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-14 10:12 - 2009-07-14 06:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-13 20:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 19:56 - 2015-01-07 00:10 - 00000000 ____D () C:\Users\michael\Documents\ASUS Cam
2015-02-12 19:56 - 2014-09-12 15:35 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-12 14:34 - 2014-10-10 12:39 - 00001166 _____ () C:\Users\michael\Desktop\BBC iPlayer Downloads.lnk
2015-02-11 14:05 - 2009-07-14 05:45 - 00295024 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 14:03 - 2014-12-12 11:01 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 14:03 - 2014-09-13 08:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 09:42 - 2015-01-06 12:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 09:39 - 2015-01-06 12:05 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-04 23:38 - 2014-10-28 21:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 23:38 - 2014-09-12 15:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 23:38 - 2012-02-07 00:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 22:44 - 2014-09-12 16:26 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 22:44 - 2014-09-12 16:26 - 00003844 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-28 00:25 - 2014-09-12 15:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
 
==================== Files in the root of some directories =======
 
2014-11-10 13:59 - 2015-02-22 19:21 - 0000166 ___SH () C:\ProgramData\.zreglib
2014-09-12 15:36 - 2014-09-12 15:36 - 0000108 _____ () C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log
2014-09-12 15:37 - 2014-09-12 15:37 - 0000114 _____ () C:\ProgramData\{70CC0095-AA68-45BE-AE98-D8170182E9EB}.log
 
Some content of TEMP:
====================
C:\Users\michael\AppData\Local\Temp\drm_dyndata_7340016.dll
C:\Users\michael\AppData\Local\Temp\DSETUP.dll
C:\Users\michael\AppData\Local\Temp\dsetup32.dll
C:\Users\michael\AppData\Local\Temp\DXSETUP.exe
C:\Users\michael\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\michael\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\michael\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\michael\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\michael\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\michael\AppData\Local\Temp\nvStInst.exe
C:\Users\michael\AppData\Local\Temp\post1.exe
C:\Users\michael\AppData\Local\Temp\post2.dll
C:\Users\michael\AppData\Local\Temp\post2.exe
C:\Users\michael\AppData\Local\Temp\sfamcc00001.dll
C:\Users\michael\AppData\Local\Temp\sfamcc00002.dll
C:\Users\michael\AppData\Local\Temp\sfextra.dll
C:\Users\michael\AppData\Local\Temp\wget.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-23 09:41
 
==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by michael at 2015-02-23 18:01:40
Running from C:\Users\michael\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.15 - ASUSTeK Computer Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.8.0 - SlySoft)
Apple Application Support (32 bits) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Cam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4022 - CyberLink Corp.)
ASUS Cam (x32 Version: 3.1.4022 - CyberLink Corp.) Hidden
ASUS Cinema (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.1.5527 - CyberLink Corp.)
ASUS Cinema (x32 Version: 7.1.5527 - CyberLink Corp.) Hidden
ASUS Docking (HKLM\...\{85EA6D4E-04CC-48b0-B526-EA9E2FEF56FA}) (Version: 3.11.0 - ASUSTek Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.26 - ASUSTeK Computer Inc)
ASUS Manager Suite (HKLM-x32\...\{36ABA598-A28F-46C9-AEB6-DD58A02A4AB9}) (Version: 3.00.03 - ASUSTeK Computer Inc.)
ASUS Memo (HKLM-x32\...\{CF5451E4-DA6F-44AE-88D4-BCEC1508C17E}) (Version: 1.19.12 - ASUSTEK)
ASUS Paint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.3013 - CyberLink Corp.)
ASUS Paint (x32 Version: 1.2.3013 - CyberLink Corp.) Hidden
ASUS Touch Tech (HKLM-x32\...\{CFE60FBD-073C-4C15-8840-ACAB92A74136}) (Version: 1.0.10 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK)
BBC iPlayer Downloads (HKLM-x32\...\{C3794B09-6C43-4B93-9CA8-F10BECCF2971}) (Version: 1.11.1 - BBC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - Canon Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
EA Download Manager UI (x32 Version: 6.0.4 - Electronic Arts) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Logitech Z-series Software 1.04 (HKLM\...\{B38BCB00-1C17-48F5-BB94-584BB89D34D0}) (Version: 1.04.153 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Medal of Honor ™ (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{57660847-B1F7-35BD-9118-F62EB863A598}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 es-ES)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OOBERegBackup (HKLM-x32\...\OOBERegBackup_is1) (Version:  - ASUSTeK Computer Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Windows Driver Package - ASUS Tek. Corporation hidfilter HIDClass  (12/27/2011 1.0.0.31) (HKLM\...\6FF7B7460FF51BA4E535BE1E8120658FF0E07F04) (Version: 12/27/2011 1.0.0.31 - ASUS Tek. Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
21-02-2015 23:29:33 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {100F9ACD-2C64-4ABC-9726-53103BDA298E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2BCCB219-0F4E-4C30-8E67-72D7B9A67AB5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {341EB9DD-4250-4010-AC7B-7875C843AEFE} - System32\Tasks\ASUS\AsMessageController => C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe [2009-12-22] (ASUSTeK Computer Inc.)
Task: {3F32D76F-8E24-41C0-85BD-86F1BD817582} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {4EF175A6-0AC2-4F94-9D57-E1E4614A390D} - \{449C9108-BA01-4357-9621-D70F6702350A} No Task File <==== ATTENTION
Task: {5197511C-49B5-4623-B239-7EB74699E065} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x86\QuickGesture.exe [2011-12-28] (AsusTek)
Task: {7D113733-2370-4001-8581-BD75BCB3D178} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {93DE9674-57B6-4E3D-8842-BFA60FDEAE02} - System32\Tasks\Unblock-us => C:\Users\michael\Desktop\unblock-us.exe [2014-10-26] ()
Task: {9F038251-919D-41A0-930A-072E0349AB5E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A0234B04-24BB-409D-830F-316493CA629A} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x64\QuickGesture64.exe [2011-12-28] (AsusTek)
Task: {A2277BA6-451F-4F85-9449-AE09EC5C53A7} - System32\Tasks\ASUS\ASUSManagerSuiteHelper => C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsEMRunHelper.exe [2011-06-21] (ASUSTeK Computer Inc.)
Task: {A35CADFF-265A-4C7A-B9A2-CEE7E1E15863} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B4921E69-1E95-4ECB-9653-80C7EBFAC680} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B62152B8-7BAE-4730-B387-D252D93FF07D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12] (Google Inc.)
Task: {B82F890D-E9C7-48CA-88EC-632EF5D4EEA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12] (Google Inc.)
Task: {CDDCD35D-AB31-4D13-97E6-EE4ABD3007E5} - System32\Tasks\ASUS Magnifier => C:\Program Files (x86)\ASUS\ASUS Touch Tech\AsusMagnifier3D.exe [2011-12-28] (AsusTek)
Task: {F056D635-F189-4393-A1A0-B2F513E6B45C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F1F3CB69-ED6E-4F9F-A83B-04E61188A49B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-09-12 15:28 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-07 00:11 - 2010-10-21 18:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2014-10-26 20:29 - 2014-10-26 20:29 - 00318243 _____ () C:\Users\michael\Desktop\unblock-us.exe
2014-03-06 14:00 - 2014-03-06 14:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2012-02-07 00:11 - 2005-10-25 01:02 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2014-09-12 15:35 - 2009-09-16 10:17 - 00098304 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsKeyboardHooker.dll
2014-09-12 15:35 - 2008-11-04 20:23 - 00077824 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsRemoteControlHooker.dll
2012-02-07 00:11 - 2011-07-13 04:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-02-07 00:11 - 2010-10-05 17:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-02-07 00:11 - 2011-10-14 00:57 - 01077248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-02-07 00:11 - 2011-09-21 03:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-02-07 00:12 - 2011-10-25 19:25 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-02-07 00:11 - 2011-09-20 05:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-02-07 00:11 - 2011-07-21 18:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-02-07 00:11 - 2011-10-15 05:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-02-07 00:11 - 2010-10-05 17:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-09-12 15:35 - 2007-10-31 16:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsMultiLang.dll
2014-09-12 15:35 - 2008-10-28 19:52 - 00176128 _____ () C:\Program Files (x86)\ASUS\ASUS Manager Suite\ImageMgr.dll
2014-09-12 15:35 - 2007-10-31 16:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMOSDControl\MultiLang\AsMultiLang.dll
2014-09-12 15:35 - 2007-10-31 16:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Manager Suite\MessageParser\AsMultiLang.dll
2014-12-11 10:54 - 2014-12-11 10:54 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2012-02-07 00:05 - 2011-02-18 17:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-02-20 00:51 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 00:51 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 00:51 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1766344377-2534232920-1847158327-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp
DNS Servers: 208.122.23.22 - 208.122.23.23
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1766344377-2534232920-1847158327-500 - Administrator - Disabled)
Guest (S-1-5-21-1766344377-2534232920-1847158327-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1766344377-2534232920-1847158327-1002 - Limited - Enabled)
michael (S-1-5-21-1766344377-2534232920-1847158327-1001 - Administrator - Enabled) => C:\Users\michael
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:19 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:19 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
 
System errors:
=============
Error: (02/23/2015 05:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 19 time(s).
 
Error: (02/23/2015 05:59:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%1224
 
Error: (02/23/2015 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 18 time(s).
 
Error: (02/23/2015 05:59:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%1224
 
Error: (02/23/2015 05:59:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 17 time(s).
 
Error: (02/23/2015 05:59:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%1224
 
Error: (02/23/2015 05:58:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 16 time(s).
 
Error: (02/23/2015 05:58:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%1224
 
Error: (02/23/2015 05:58:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 15 time(s).
 
Error: (02/23/2015 05:58:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error: 
%%1224
 
 
Microsoft Office Sessions:
=========================
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
Search.TripoliIndexer
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
Search.TripoliIndexer
 
Error: (02/23/2015 05:59:19 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
Error: (02/23/2015 05:59:19 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-23 12:15:34.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-23 08:53:44.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-23 01:35:23.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-23 00:25:16.846
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-16 17:37:17.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-10 20:41:57.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-09 16:57:00.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-03 21:52:51.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-27 16:52:04.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-25 12:46:50.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400S CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 6125.35 MB
Available physical RAM: 4165.53 MB
Total Pagefile: 12248.89 MB
Available Pagefile: 9605.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (WIN7) (Fixed) (Total:80 GB) (Free:14.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:831.47 GB) (Free:470.31 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B14A6B0A)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1B)
Partition 2: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=831.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=39 MB) - (Type=EF)
 
==================== End Of Log ============================

  • 0

#5
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Thank you for coming to my assistance, you are very kind.

My pleasure :)

On first look through FRST I find nothing of substance to explain an outright crash. At least from a Malware perspective. That could change once we get our arms around a few other things, but for now consider the following.

Within your browser do a Search for this string (without the quotes, but use the equals sign and space, etc.) "= Faulty Device Manager Devices ="
What you should be able to locate is a number of Device errors. If you scan farther, you will then see Event Log Errors and farther down System Errors. It goes on for a while.

What this tells me (in general) is that either your Operating System Installation (and/or drivers) has been affected and/or you are experiencing a Hardware Error (to include a failing Hard Disk). None of this is good news. Very Sorry.

However, there is a possibility that some of this can be "healed" so to speak. Caveat being, if it's the hard drive, the fix for that is a new hard drive. Anyway, let's take it one step at a time and see where this goes.

Let's have a look at the Hard Drive first and see if we can either rule it in or out as being good or bad.

 

Check Hard Disk For Errors:

Download the attached hddcheck.bat below and save to your desktop:-

 hddcheck.bat   95bytes   6 downloads

Now right-click on hddcheck.bat and select Run as Administrator to run the batch file. A blank command window will open on your desktop, then close in a few minutes. This is normal and the batch file itself will self-delete when completed.

A file icon named checkhd.txt should appear on your desktop. Please post the contents of this file in your next reply.


 


  • 0
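The two FRST sections the post above points to (Faulty Device Manager Devices and Event log errors) repeat a handful of entries many times, so collapsing them into counts makes the pattern easier to read. The script below is an added example, not part of the original thread or of FRST; the `summarize` function and the embedded sample (constructed, abridged from the log layout shown in this thread) are assumptions.

```python
import re
from collections import Counter

# Constructed sample, abridged from the Addition.txt layout shown in this thread.
SAMPLE = """\
==================== Faulty Device Manager Devices =============

Name:
Description:
Problem: : The drivers for this device are not installed. (Code 28)

Name: Base System Device
Description: Base System Device
Problem: : The drivers for this device are not installed. (Code 28)

==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2015 05:59:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The requested operation cannot be performed on a file with a user-mapped section open.  (HRESULT : 0x800704c8) (0x800704c8)

Error: (02/23/2015 05:59:26 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

System errors:
=============
Error: (02/23/2015 05:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 19 time(s).

Error: (02/23/2015 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 18 time(s).

==================== Memory info ===========================
"""

SECTION_RE = re.compile(r"^={5,} (.+?) =+$")   # "==== Event log errors: ===="
UNDERLINE_RE = re.compile(r"^={5,}$")           # underline beneath a sub-heading
ERROR_RE = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\) \(EventID: (?P<eid>\d+)\)"
)
HRESULT_RE = re.compile(r"HRESULT : (0x[0-9a-fA-F]{8})")
RESTART_RE = re.compile(
    r"The (.+?) service terminated unexpectedly\.\s+It has done this (\d+) time\(s\)"
)
CODE_RE = re.compile(r"\(Code (\d+)\)")


def summarize(text):
    """Collapse the device and event-log sections of an FRST log into counts."""
    section = subsection = prev = None
    events, hresults = Counter(), Counter()
    crash_loops, devices = {}, []
    device_name = "(unnamed)"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section, subsection = header.group(1).rstrip(":").strip(), None
        elif UNDERLINE_RE.match(line):
            # The line above an underline names the sub-log ("System errors:").
            if section == "Event log errors" and prev:
                subsection = prev.rstrip(":")
        elif section == "Faulty Device Manager Devices":
            if line.startswith("Name:"):
                # FRST leaves Name empty for devices Windows could not identify.
                device_name = line[5:].strip() or "(unnamed)"
            elif line.startswith("Problem:"):
                code = CODE_RE.search(line)
                devices.append((device_name, int(code.group(1)) if code else None))
                device_name = "(unnamed)"
        elif section == "Event log errors":
            err = ERROR_RE.match(line)
            if err:
                # Key on the sub-log too, since FRST can list one event under several.
                events[(subsection, err["source"], int(err["eid"]))] += 1
            hresults.update(h.lower() for h in HRESULT_RE.findall(line))
            loop = RESTART_RE.search(line)
            if loop:
                name, count = loop.group(1), int(loop.group(2))
                crash_loops[name] = max(count, crash_loops.get(name, 0))
        prev = line
    return {"events": events, "hresults": hresults,
            "crash_loops": crash_loops, "devices": devices}


if __name__ == "__main__":
    result = summarize(SAMPLE)
    for (sub, source, eid), n in result["events"].most_common():
        print(f"{n:3d}x  {sub} / {source} / EventID {eid}")
    print("HRESULTs:", dict(result["hresults"]))
    print("Service restart counters:", result["crash_loops"])
    print("Faulty devices (name, code):", result["devices"])
```

To run it on a real log, read Addition.txt into a string and pass it to `summarize` in place of `SAMPLE`.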

#6
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

The type of the file system is NTFS.
Volume label is WIN7.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
535 large file records processed.
0 bad file records processed.
0 EA records processed.
44 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
32297 data files processed.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

83886079 KB total disk space.
68521360 KB in 143329 files.
143432 KB in 32298 indexes.
0 KB in bad sectors.
388779 KB in use by the system.
65536 KB occupied by the log file.
14832508 KB available on disk.

4096 bytes in each allocation unit.
20971519 total allocation units on disk.
3708127 allocation units available on disk.


  • 0

#7
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Nothing real obvious there.

 

Let's try one more tool if you don't mind.

 

Download then run Speccy (free) and post the resultant url for us, details here

 

This will provide us with information about your computer hardware + any software that you have installed that may explain the present issue/s. 


  • 0

#8
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Thank you, apologies for the delay: http://speccy.pirifo...pxesJN3emkEvwFO


  • 0

#9
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Ok, I think I see the problem with "slow running computer"

 

Kaspersky, your Protection Software, is a very complex product offering quite a bit of functionality. In my opinion, perhaps too much effort for too little pay off?

 

If you look at the Speccy scan (do a text search for "avp.exe" without the quotes), you can see Kaspersky launching quite a few processes, etc.

 

I'm not saying that it is doing the wrong thing or even a bad thing, just taking up quite a few computer cycles. In other words, lots of overhead.

 

The average home computer user, if practicing good computing (i.e. keep your computer patched, keep software up to date, don't open attachments from unknown sources, etc.) generally doesn't benefit from these additional layered products. Now, if you are doing some function that specifically plays into what Kaspersky is protecting, then I suppose the overhead makes sense. Absent that, I would advise removal of Kaspersky and use either Defender (already a part of your Operating System, you just need to Enable it) or perhaps Avast. Both are free in cost, low in overhead and high in functionality.

 

Ok, now that we know where the speed, log errors, and BSODs are coming from, let's clean this computer up :)

 

One more thing...if you are going to remove Kaspersky, do so before you run the scans, and then enable Defender or add Avast after the scans. If you are going to keep Kaspersky, just disable it for the duration of the scans. :thumbsup:

 

Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 
Fix with Junkware Removal Tool
 
Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
 
  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
 
Please include the contents of that file in your reply.
 
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.

 

 

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.



  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    
    process;
    
    services-list;
    
    systemspecs;
    
    startupall;
    
    skipfix-iedefaults;
    
    firefoxlook;
    
    chromelook;
    
    filesrcm;
    
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 

 


  • 0

#10
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by michael on 27/02/2015 at 15:49:46,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_nvidia-bios-editor-nibitor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_nvidia-bios-editor-nibitor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_open-hardware-monitor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_open-hardware-monitor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_speedfan_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_speedfan_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_nvidia-bios-editor-nibitor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_nvidia-bios-editor-nibitor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_open-hardware-monitor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_open-hardware-monitor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_speedfan_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_para_speedfan_RASMANCS
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\michael\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{4243A5FB-D22F-47FD-BE23-944A44BB0F6D}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{470B5754-5D16-4390-8914-43C8C27232EF}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{911C44FC-1D2F-42E6-BA0D-1F48DCDACAAE}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{9A17C683-AF02-42C3-B1D6-E04C2B9126F0}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{9B988FA1-A02C-4AF9-A635-3BBCA7F2F924}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{AF7B22CA-11AF-4916-A929-ACE4B39254C2}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{E8E7DFB0-C48D-4ED7-B8B7-BD86E058276C}
Successfully deleted: [Empty Folder] C:\Users\michael\appdata\local\{FE924C78-456F-4E05-9EB0-AD32EB38CE4B}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\it7rhiz6.default\user.js
Successfully deleted: [File] C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\it7rhiz6.default\invalidprefs.js
Emptied folder: C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\it7rhiz6.default\minidumps [93 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/02/2015 at 15:53:13,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0


#11
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 15:43:38
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : michael - MICHAEL-PC
# Running from : C:\Users\michael\Desktop\AdwCleaner (3).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default\invalidprefs.js
File Found : C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default\user.js
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files\DriverAssist
Folder Found : C:\Users\michael\AppData\Local\globalUpdate

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\genesis
Key Found : HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\genesis
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\GlobalUpdate

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v36.0 (x86 es-ES)


-\\ Google Chrome v40.0.2214.115

*************************

AdwCleaner[R0].txt - [1433 bytes] - [27/02/2015 15:43:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1492 bytes] ##########


  • 0

#12
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
 
Zoek.exe v5.0.0.0 Updated 26-February-2015
Tool run by michael on 27/02/2015 at 16:05:30,94.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\michael\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
27/02/2015 16:06:44 Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
64 Bit HP CIO Components Installer  
Adobe AIR  
Adobe Flash Player 16 ActiveX  
Adobe Flash Player 16 NPAPI  
Adobe Reader X (10.1.13) MUI  
AI Suite II  
AnyDVD  
Apple Application Support (32 bits)  
Apple Application Support (64 bits)  
Apple Mobile Device Support  
Apple Software Update  
ASUS Cam  
ASUS Cinema  
ASUS Docking  
ASUS Easy Update  
ASUS Manager Suite  
ASUS Memo  
ASUS Paint  
ASUS Touch Tech  
ASUS WebStorage  
AsusVibe2.0  
BBC iPlayer Downloads  
Bonjour  
Canon Easy-WebPrint EX  
Canon MP Navigator EX 3.0  
Canon MP550 series MP Drivers  
CloneCD  
CloneDVD2  
Control ActiveX de Windows Live Mesh para conexiones remotas  
Contr“le ActiveX Windows Live Mesh pour connexions … distance  
Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas  
CyberLink PowerCinema Movie  
D3DX10  
EA Download Manager  
EA Download Manager UI  
Galeria de Fotografias do Windows Live  
Galer¡a fotogr fica de Windows Live  
Galerie de photos Windows Live  
GeForce Experience NvStream Client Components  
Google Chrome  
Google Earth  
Google Update Helper  
Intel® Control Center  
Intel® Management Engine Components  
Intel® Rapid Storage Technology  
iTunes  
Junk Mail filter update  
Kaspersky Internet Security  
Logitech Z-series Software 1.04  
Malwarebytes Anti-Malware version 2.0.4.1028  
Medal of Honor ™  
Mesh Runtime  
Microsoft .NET Framework 4.5.1  
Microsoft Application Error Reporting  
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Mouse and Keyboard Center  
Microsoft Office 2010  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Touch Pack for Windows 7  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft XNA Framework Redistributable 3.0  
Mozilla Firefox 36.0 (x86 es-ES)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB973688)  
MSXML 4.0 SP3 Parser (KB2758694)  
MSXML 4.0 SP3 Parser (KB973685)  
NVIDIA 3D Vision Controller Driver 335.21  
NVIDIA Control Panel 335.23  
NVIDIA GeForce Experience 1.8.2.1  
NVIDIA Graphics Driver 335.23  
NVIDIA HD Audio Driver 1.3.30.1  
NVIDIA Install Application  
NVIDIA LED Visualizer 1.0  
NVIDIA Network Service  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.13.1220  
NVIDIA ShadowPlay 11.10.13  
NVIDIA Update 11.10.13  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.20  
OOBERegBackup  
OpenAL  
OpenOffice 4.1.1  
Raccolta foto di Windows Live  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
S?????? f?t???af??? t?? Windows Live  
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  
SHIELD Streaming  
Speccy  
SpeedFan (remove only)  
Spotify  
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?æa???sæ??e? s??d?se??  
Windows Driver Package - ASUS Tek. Corporation hidfilter HIDClass  (12/27/2011 1.0.0.31)  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Family Safety  
Windows Live Fotogalerie  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen  
Windows Live Mesh  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live Mesh ActiveX control for remote connections  
Windows Live Messenger  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinRAR 5.10 (64-bit)  
 
==== Running Processes ======================
 
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
C:\Program Files (x86)\ASUS\ASUS Cam\YCMMirage.exe
C:\Program Files (x86)\ASUS\ASUS Cam\YouCam.exe
C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe
D:\CloneCD\CloneCDTray.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe
C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\ASUS Touch Tech\AsusMagnifier3D.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\ASUS Manager Suite\ASUSManager.exe
C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMOSDControl\EMOSDControl.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMMessageParser.exe
C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsEjectHelper.exe
C:\Users\michael\Desktop\unblock-us.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\michael\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
 
==== Services(whitelist) ======================
Powered by E Dev
 
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [AsSysCtrlService] - ASUS System Control Service - c:\program files (x86)\asus\assysctrlservice\1.00.11\assysctrlservice.exe
R2 - [Bonjour Service] - Servicio Bonjour - c:\program files\bonjour\mdnsresponder.exe
R2 - [DTSAudioService] - DTSAudioService - c:\program files\realtek\audio\hda\dtsaudioservice64.exe
R2 - [IAStorDataMgrSvc] - Intel® Rapid Storage Technology - c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe
R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
R2 - [UNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [iPod Service] - Servicio del iPod - c:\program files\ipod\bin\ipodservice.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [AVP15.0.0] - Kaspersky Anti-Virus Service 15.0.0 - c:\program files (x86)\kaspersky lab\kaspersky internet security 15.0.0\avp.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Servicio de Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Servicio de Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
x2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
 
==== System Specs ======================
 
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 6126 MB
CPU Info: Intel® Core™ i5-2400S CPU @ 2.50GHz
CPU Speed: 2490,3 MHz
Sound Card: Speakers (3- Z-10 USB Speaker) | 
Display Adapters: NVIDIA GeForce 610M  | NVIDIA GeForce 610M  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Atheros AR9285 Wireless Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0AW
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  80,0GB | D:  831,5GB
Hard Disks - Free: C:  19,3GB | D:  470,3GB
Manufacturer *: ASUSTeK Computer Inc.
BIOS Info: AT/AT COMPATIBLE | 02/07/12 | _ASUS_ - 1072009
Time Zone: W. Europe Standard Time
Motherboard *: ASUSTeK Computer Inc. ET2210
Country: Spain 
Language: ESP 
 
==== System Specs (Software) ======================
 
Anti-Virus: Kaspersky Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Kaspersky Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Kaspersky Internet Security disabled
Default Browser: Firefox 36.0
Internet Explorer Version: 11.0.9600.17633 
Mozilla Firefox version: 36.0 (x86 es-ES)
Google Chrome version: 40.0.2214.115
Adobe Reader version: 10.1.13.16
Flash Player version: 16.0.0.305
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\michael\AppData\Local\Temp ====
2015-02-27 14:49:05 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\libiconv2.dll
2015-02-27 14:49:05 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\libintl3.dll
2015-02-27 14:49:05 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\pcre3.dll
2015-02-27 14:49:05 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\regex2.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-02-25 09:00:58 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\SysWOW64\locale.nls
2015-02-17 16:40:48 DDE994E9159497D0D5AB2CDF66D1EAD6 76800 ----a-w- C:\Windows\SysWOW64\wdi.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-02-25 09:00:58 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\Sysnative\locale.nls
2015-02-17 16:40:49 D713D6446DDBB474D801F361B4B186EA 950272 ----a-w- C:\Windows\Sysnative\perftrack.dll
2015-02-17 16:40:49 AA7079AD52B8BFBAE94167D54C32F84F 29696 ----a-w- C:\Windows\Sysnative\powertracker.dll
2015-02-17 16:40:48 C6F7473B55510F0B93961DA03D8E3B38 91136 ----a-w- C:\Windows\Sysnative\wdi.dll
====== C:\Windows\Sysnative\drivers =====
2015-02-21 15:57:11 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\3A604F52.sys
2015-02-20 10:08:46 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\62AD7685.sys
2015-02-11 07:59:39 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2015-02-11 07:59:39 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-02-11 07:59:39 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-02-05 07:08:45 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\00F658BF.sys
2015-02-01 18:06:36 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\004317B7.sys
2015-01-30 18:01:54 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\39E877DA.sys
====== C:\Windows\Tasks ======
2015-02-02 08:29:44 C2638397ACB0989395BE8D1E1045F2AD 3284 ----a-w- C:\Windows\Sysnative\Tasks\Unblock-us
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-27 10:28:36 -------- d-----w- C:\Program Files\Speccy
2015-02-22 12:22:54 -------- d-----w- C:\Program Files\iPod
2015-02-22 12:22:53 -------- d-----w- C:\Program Files\iTunes
======= C:\PROGRA~2 =====
2015-02-22 12:22:54 -------- d-----w- C:\PROGRA~2\iTunes
======= C: =====
====== C:\Users\michael\AppData\Roaming ======
2015-02-23 20:10:02 -------- d-----w- C:\Users\michael\AppData\Locallow\Google
2015-02-12 13:34:03 -------- d-----w- C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BBC iPlayer
2015-02-12 13:34:02 -------- d-----w- C:\Users\michael\AppData\Local\BBC
2015-01-31 20:31:55 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Apple Computer
====== C:\Users\michael ======
2015-02-27 14:48:28 AF6E966D1F38287EF4D33B246CCC3A33 1388274 ----a-w- C:\Users\michael\Desktop\JRT.exe
2015-02-27 14:42:57 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\michael\Desktop\AdwCleaner (3).exe
2015-02-27 10:28:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-02-23 20:09:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-02-23 16:59:18 11A45158869647CC43F9B1287DB8E188 2087424 ----a-w- C:\Users\michael\Desktop\FRST64.exe
2015-02-22 12:23:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-22 12:22:53 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-21 12:53:20 36B7FB9AFBA9DBD70CC78BD38D60423E 11737488 ----a-w- C:\Users\michael\Downloads\SetupAnyDVD7580.exe
 
====== C: exe-files ==
2015-02-27 14:48:28 AF6E966D1F38287EF4D33B246CCC3A33 1388274 ----a-w- C:\Users\michael\Desktop\JRT.exe
2015-02-27 14:42:57 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\michael\Desktop\AdwCleaner (3).exe
2015-02-27 11:10:30 5F5F08094EACFB403593052A53E2BE78 5025488 ----a-w- C:\Users\michael\AppData\Local\NVIDIA\NvBackend\Packages\000070a2\DAO.19353843.exe
2015-02-27 10:41:23 E7C2CD4B0AB84AEC920E850B0BBAA6F1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1766344377-2534232920-1847158327-1001\$I9EBDWF.exe
2015-02-27 10:40:43 658B8623874DFFD9F1A7F9C8E3D66407 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1766344377-2534232920-1847158327-1001\$ITOWPIV.exe
2015-02-27 10:27:34 F5042B046AE92B0B0F978E65BC3CE62B 5135288 ----a-w- C:\$Recycle.Bin\S-1-5-21-1766344377-2534232920-1847158327-1001\$RTOWPIV.exe
2015-02-26 15:22:58 2DA3A018F4B903D8A044425F27EB6E77 675256 ----a-w- C:\Users\michael\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-02-26 15:22:56 82F43B9F99F91E1FC9E44A2A3E995693 172984 ----a-w- C:\Users\michael\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-02-23 20:09:35 21B21538E9AAC61AF12C0E2CE2F0AD7A 25469656 ----a-w- C:\Program Files (x86)\Google\Update\Install\{68D0645F-8FD0-45BE-A6F1-7A81DE73F34C}\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
2015-02-23 20:09:35 21B21538E9AAC61AF12C0E2CE2F0AD7A 25469656 ----a-w- C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
2015-02-23 20:08:45 164B582EB75CD30D22D50F6BC2554007 880208 ----a-w- C:\$Recycle.Bin\S-1-5-21-1766344377-2534232920-1847158327-1001\$R9EBDWF.exe
2015-02-23 16:59:18 11A45158869647CC43F9B1287DB8E188 2087424 ----a-w- C:\Users\michael\Desktop\FRST64.exe
2015-02-22 12:19:10 BFB7D1BDE2715A66AFBCACAE467EB3F7 77104 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 12.1.1.4\SetupAdmin.exe
2015-02-21 12:53:20 36B7FB9AFBA9DBD70CC78BD38D60423E 11737488 ----a-w- C:\Users\michael\Downloads\SetupAnyDVD7580.exe
=== C: other files ==
2015-02-27 14:49:05 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\prelim.bat
2015-02-27 14:49:05 E49F9C309DC32E854A081507B89EBE39 11201 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\runvalues.bat
2015-02-27 14:49:05 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\TDL4.bat
2015-02-27 14:49:05 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\medfos.bat
2015-02-27 14:49:05 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\surfvox.bat
2015-02-27 14:49:05 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\searchlnk.bat
2015-02-27 14:49:05 8BA81DD47CF392BEBEE506E3789F9FBA 14924 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\get.bat
2015-02-27 14:49:05 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\firefox.bat
2015-02-27 14:49:05 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\ev_clear.bat
2015-02-27 14:49:05 56CE326F6AAE3CF1709D332C04E8F9F1 191237 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\misc.bat
2015-02-27 14:49:05 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\ask.bat
2015-02-27 14:49:05 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\iexplore.bat
2015-02-27 14:49:05 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\delfolders.bat
2015-02-27 14:49:05 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\mws.bat
2015-02-27 14:49:05 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\michael\AppData\Local\Temp\jrt\chrome.bat
2015-02-21 15:57:11 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\3A604F52.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-1766344377-2534232920-1847158327-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"AnyDVD"="C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
"IRNeroReboot"="C:\Users\michael\Downloads\Nero_BurningROM2015_setup-16.3c_trial.exe /reboot=1"
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"ASUS Easy Update"="C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"YouCam Mirage"="C:\Program Files (x86)\ASUS\ASUS Cam\YCMMirage.exe"
"YouCam Tray"="C:\Program Files (x86)\ASUS\ASUS Cam\YouCam.exe /s"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"AsShellApplication"="C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe"
"OOBESetup"="C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe /restore -C:\Program Files (x86)\asus\OOBERegBackup\OOBEReg.ini"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S"
"CloneCDTray"="D:\CloneCD\CloneCDTray.exe /s"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"AnyDVD"="C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
"IRNeroReboot"="C:\Users\michael\Downloads\Nero_BurningROM2015_setup-16.3c_trial.exe /reboot=1"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_DTS"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSUPTBTWCT "
"ASUS Docking"="C:\Program Files\ASUS\ASUS Docking\ASUS Docking.exe autorun"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"Launch LCDMon"="C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
 
==== Startup Folders ======================
 
2012-02-06 23:15:03 2064 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2015 23:38]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS Magnifier" [C:\Program Files (x86)\ASUS\ASUS Touch Tech\AsusMagnifier3D.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x86\QuickGesture.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x64\QuickGesture64.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Unblock-us" ["C:\Users\michael\Desktop\unblock-us.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS\AsMessageController" [C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS AI Suite II Execute" [C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUSManagerSuiteHelper" [C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsEMRunHelper.exe]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]" [08/10/2014 09:01]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default
- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
- Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected]
- Undetermined - [email protected]
- Undetermined - [email protected]
- Undetermined - [email protected]
- Undetermined - [email protected]
- Media Player for YouTube - %ProfilePath%\extensions\[email protected]
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\michael\AppData\Roaming\Mozilla\Firefox\Profiles\it7rhiz6.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.googl...mlmojhbllhbho[]
 
Google Docs - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Kaspersky Protection - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
jobehlihkogkaopjdeomandehpjiljjn - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobehlihkogkaopjdeomandehpjiljjn
Google Wallet - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ScriptSafe - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf
Gmail - michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IESR02"
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on 27/02/2015 at 16:10:07,51 ======================

  • 0

#13
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

That looks pretty good. Let's let it run for a day and let me know how it goes. :thumbsup:


  • 1

#14
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

How has the machine been running? Any issues or glitches?


  • 0

#15
mpearsonmadrid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Everything seems to be running smoothly. Thank you very much for all your help, I really am very grateful  :D


  • 0





