anti virus and malwarebytes won't open [Closed]


  • This topic is locked

#1
kinetz07

  • Member
  • 12 posts

Hello. I'm using Windows 8.1 on my laptop. My problem is that I found out one day that I can't see my antivirus and Malwarebytes in my system tray, so I tried opening them, but there was no response. I remembered inserting a flash drive that had a shortcut virus before this happened. I already tried uninstalling both programs and then reinstalling a new antivirus, but it still won't run.

I tried to run Malwarebytes and my antivirus in safe mode, but when I scan with Malwarebytes, no threats are found. In safe mode I can open my antivirus, but when I click scan a pop-up shows: "Unable to start scan. There are no more endpoints available from the endpoint mapper"

Please help me with what to do.


Edited by kinetz07, 27 June 2015 - 01:04 AM.



#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, I will need a look-see at the system.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please post both logs generated.


#3
kinetz07

  • Topic Starter
  • Member
  • 12 posts

This is the FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015

Ran by kinetz07 (administrator) on KINETZ on 27-06-2015 19:05:53

Running from C:\Users\kinetz07\Downloads

Loaded Profiles: kinetz07 (Available Profiles: kinetz07)

Platform: Windows 8.1 Connected Single Language (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe

(Microsoft Corporation) C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe

(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe

() C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe

() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe

(Spotify Ltd) C:\Users\kinetz07\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Spotify Ltd) C:\Users\kinetz07\AppData\Roaming\Spotify\Spotify.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

() C:\Program Files (x86)\Garena Plus\ggdllhost.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe

(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe

(Spotify Ltd) C:\Users\kinetz07\AppData\Roaming\Spotify\Spotify.exe

(Spotify Ltd) C:\Users\kinetz07\AppData\Roaming\Spotify\Spotify.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)

HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-05-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)

HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-03-12] (Razer Inc.)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9981888 2015-05-27] ()

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3858000 2014-07-10] (Tonec Inc.)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [uTorrent] => "C:\ProgramData\McAfee\VUL\AppsDownloaderPath\utorrent__utorrent__3.4.3.40097_3.4.3.40298_en-ph"  /MINIMIZED

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [Spotify Web Helper] => C:\Users\kinetz07\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-24] (Spotify Ltd)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [Spotify] => C:\Users\kinetz07\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-24] (Spotify Ltd)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-16] (SUPERAntiSpyware)

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Policies\Explorer: []

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)

ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\S-1-5-21-934835943-2712293172-1038266425-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://ph.yhs4.searc...p={searchTerms}

SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://ph.yhs4.searc...p={searchTerms}

SearchScopes: HKU\S-1-5-21-934835943-2712293172-1038266425-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...q={searchTerms}

SearchScopes: HKU\S-1-5-21-934835943-2712293172-1038266425-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...q={searchTerms}

SearchScopes: HKU\S-1-5-21-934835943-2712293172-1038266425-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://ph.yhs4.searc...p={searchTerms}

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-07-10] (Internet Download Manager, Tonec Inc.)

BHO: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.x64.dll No File

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-07-10] (Internet Download Manager, Tonec Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)

BHO-x32: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.dll No File

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:

========

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-01-16] ( Garena)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-27] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-27] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

FF HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\kinetz07\AppData\Roaming\IDM\idmmzcc5

FF Extension: IDM CC - C:\Users\kinetz07\AppData\Roaming\IDM\idmmzcc5 [2015-01-14]

 

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-11]

CHR Extension: (IDM Integration Module) - C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-14]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-27]

CHR Extension: (Google Wallet) - C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-27]

CHR HKLM-x32\...\Chrome\Extension: [fgbcffenncokfocljomejddmgcpppjom] - https://clients2.goo...ice/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows ® Win 7 DDK provider) [File not signed]

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]

U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-27] (Avast Software s.r.o.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)

R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)

S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-25] (WildTangent)

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)

R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-11] ()

R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)

R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)

R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-04-17] (Advanced Micro Devices, Inc.)

R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)

R2 VSSS; C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101632704 2015-06-23] (Microsoft Corporation) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [92360 2015-01-20] (Advanced Micro Devices, Inc. )

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)

R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [264392 2015-01-20] (Advanced Micro Devices, Inc. )

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)

S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)

R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)

R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)

R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-11] (Razer, Inc.)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 SDGame; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)

S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-27 19:05 - 2015-06-27 19:06 - 00018498 _____ C:\Users\kinetz07\Downloads\FRST.txt

2015-06-27 19:04 - 2015-06-27 19:05 - 00000000 ____D C:\FRST

2015-06-27 19:04 - 2015-06-27 19:04 - 02112512 _____ (Farbar) C:\Users\kinetz07\Downloads\FRST64.exe

2015-06-27 17:31 - 2015-06-27 13:44 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw7DC3.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00272248 _____ C:\Windows\system32\Drivers\asw7DF3.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw7F2C.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw7B9C.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw7D54.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00065736 _____ C:\Windows\system32\Drivers\asw7D83.tmp

2015-06-27 17:31 - 2015-06-27 13:44 - 00029168 _____ C:\Windows\system32\Drivers\asw7D04.tmp

2015-06-27 17:31 - 2015-06-27 13:43 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw7B0E.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw339.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00272248 _____ C:\Windows\system32\Drivers\asw34A.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw34B.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw2F9.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00065736 _____ C:\Windows\system32\Drivers\asw2FA.tmp

2015-06-27 17:09 - 2015-06-27 13:44 - 00029168 _____ C:\Windows\system32\Drivers\asw2E8.tmp

2015-06-27 17:08 - 2015-06-27 13:44 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswFAB9.tmp

2015-06-27 17:08 - 2015-06-27 13:43 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswFAA9.tmp

2015-06-27 16:24 - 2015-06-27 16:59 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d9c5f5e7-5748-4ab4-b0b7-c076810bde4f.job

2015-06-27 16:24 - 2015-06-27 16:59 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 16915d7c-42bf-4d4b-987e-8f54d058a8b7.job

2015-06-27 16:24 - 2015-06-27 16:24 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 16915d7c-42bf-4d4b-987e-8f54d058a8b7

2015-06-27 16:24 - 2015-06-27 16:24 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d9c5f5e7-5748-4ab4-b0b7-c076810bde4f

2015-06-27 16:24 - 2015-06-27 16:24 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\SUPERAntiSpyware.com

2015-06-27 16:23 - 2015-06-27 16:24 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2015-06-27 16:23 - 2015-06-27 16:23 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2015-06-27 16:23 - 2015-06-27 16:23 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com

2015-06-27 16:23 - 2015-06-27 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-06-27 15:54 - 2015-06-27 15:54 - 00000000 ____D C:\Program Files\McAfee

2015-06-27 15:37 - 2015-06-27 15:37 - 01415680 _____ (wj32) C:\Program Files\Y02102RA.exe

2015-06-27 15:35 - 2015-06-27 15:35 - 00280992 _____ C:\Windows\Minidump\062715-18796-01.dmp

2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\YUTSURJH.exe

2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\K4FT4FTT.exe

2015-06-27 15:27 - 2015-06-27 15:28 - 00280992 _____ C:\Windows\Minidump\062715-21609-01.dmp

2015-06-27 15:24 - 2015-06-27 15:24 - 03219872 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\kinetz07\Downloads\UsbFix_2015_7.966.exe

2015-06-27 14:07 - 2015-06-27 14:07 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\AVAST Software

2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\GEEC93TO.exe

2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\AADA30XW.exe

2015-06-27 13:44 - 2015-06-27 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

2015-06-27 13:43 - 2015-06-27 13:43 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr

2015-06-27 13:30 - 2015-06-27 13:30 - 00000000 ____D C:\Program Files\AVAST Software

2015-06-27 13:28 - 2015-06-27 13:28 - 00000000 ____D C:\ProgramData\AVAST Software

2015-06-27 13:27 - 2015-06-27 15:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-27 13:27 - 2015-06-27 13:27 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-27 13:27 - 2015-06-27 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-27 13:27 - 2015-06-27 13:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-27 13:27 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-06-27 13:27 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-06-27 13:27 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-06-27 13:10 - 2015-06-27 13:11 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\kinetz07\Downloads\mbam-setup-2.1.6.1022 (1).exe

2015-06-27 13:08 - 2015-06-27 13:08 - 05481344 _____ (Avast Software s.r.o.) C:\Users\kinetz07\Downloads\avast_free_antivirus_setup_online_softonic.exe

2015-06-27 12:59 - 2015-06-27 12:59 - 00000290 _____ C:\Windows\wininit.ini

2015-06-27 12:45 - 2015-06-27 12:45 - 00000000 ____D C:\KVRT_Data

2015-06-27 12:27 - 2015-06-27 12:27 - 01415680 _____ (wj32) C:\Program Files\9545475U.exe

2015-06-27 12:19 - 2015-06-27 12:19 - 01415680 _____ (wj32) C:\Program Files\EEBEHH9N.exe

2015-06-27 12:18 - 2015-06-27 12:18 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\kinetz07\Downloads\rkill.com

2015-06-27 12:18 - 2015-06-27 12:18 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\kinetz07\Downloads\rkill64.com

2015-06-27 12:18 - 2015-06-27 12:18 - 00000950 _____ C:\Users\kinetz07\Desktop\Rkill.txt

2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\HHCB84YE.exe

2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\B850WKKE.exe

2015-06-27 10:41 - 2015-06-27 10:41 - 01415680 _____ (wj32) C:\Program Files\A633369F.exe

2015-06-27 10:39 - 2015-06-27 10:39 - 01415680 _____ (wj32) C:\Program Files\MLKJFCBA.exe

2015-06-27 10:05 - 2015-06-27 10:05 - 01415680 _____ (wj32) C:\Program Files\IHDC8OKH.exe

2015-06-27 00:22 - 2015-06-27 00:22 - 01415680 _____ (wj32) C:\Program Files\9LYDMTVC.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\KJIHGCBD.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\JCEEB9B5.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\8376A7BZ.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\6246899Y.exe

2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\TWKJMMKU.exe

2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\SUWVWY0S.exe

2015-06-26 13:57 - 2012-02-10 20:09 - 02704896 _____ C:\Users\kinetz07\Desktop\TWO-STOREY.xls

2015-06-26 13:20 - 2015-06-26 13:20 - 01415680 _____ (wj32) C:\Program Files\VUUWWXZH.exe

2015-06-26 11:31 - 2015-06-27 00:10 - 00000000 ____D C:\VIPRERESCUE

2015-06-26 11:31 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys

2015-06-26 11:31 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys

2015-06-26 11:12 - 2015-06-26 11:16 - 04755113 _____ C:\Users\kinetz07\Downloads\AlangAlang (1).xlsm

2015-06-26 11:09 - 2015-06-26 16:43 - 04764947 _____ C:\Users\kinetz07\Downloads\AlangAlang.xlsm

2015-06-26 11:08 - 2015-06-26 11:12 - 06240460 _____ C:\Users\kinetz07\Downloads\2-Storey-Elementary-School.xlsm

2015-06-26 11:07 - 2015-06-26 11:15 - 03504792 _____ C:\Users\kinetz07\Downloads\1-Story-Warehouse.xlsm

2015-06-26 10:39 - 2015-06-26 10:39 - 01415680 _____ (wj32) C:\Program Files\PRMFHCEB.exe

2015-06-26 10:24 - 2015-06-26 10:24 - 01415680 _____ (wj32) C:\Program Files\WYUWSUSO.exe

2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\SLIF6FNI.exe

2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\475430XJ.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\WFY9R8K0.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\LORSVTKV.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\8A7979IF.exe

2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\PRLNIKID.exe

2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\N2KZHYH0.exe

2015-06-25 11:48 - 2015-06-25 11:52 - 00000000 ____D C:\Users\kinetz07\Desktop\USAID

2015-06-25 11:09 - 2014-10-17 11:53 - 00000000 ____D C:\Users\kinetz07\Desktop\RETROFIT DESIGN REPORT

2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\YVRUUROJ.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\HKNKNKS3.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\7995022V.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\25889AC8.exe

2015-06-24 18:11 - 2015-06-24 18:11 - 01415680 _____ (wj32) C:\Program Files\VUWVXFUR.exe

2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\I1K1CVDA.exe

2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\35XRKA09.exe

2015-06-24 17:07 - 2015-06-24 16:57 - 19846640 _____ C:\Users\kinetz07\Desktop\Sagkahan Elementary School.zip

2015-06-24 14:30 - 2015-06-27 19:03 - 00000000 ____D C:\Users\kinetz07\AppData\Local\Spotify

2015-06-24 14:30 - 2015-06-24 14:30 - 00001868 _____ C:\Users\kinetz07\Desktop\Spotify.lnk

2015-06-24 14:30 - 2015-06-24 14:30 - 00001854 _____ C:\Users\kinetz07\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2015-06-24 14:26 - 2015-06-27 19:03 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\Spotify

2015-06-24 14:25 - 2015-06-24 14:25 - 00155296 _____ (Spotify Ltd) C:\Users\kinetz07\Downloads\SpotifySetup.exe

2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\TMIET5FC.exe

2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\51YS6IUH.exe

2015-06-24 13:29 - 2015-06-24 13:29 - 01415680 _____ (wj32) C:\Program Files\5213212B.exe

2015-06-24 13:26 - 2015-06-24 13:26 - 01415680 _____ (wj32) C:\Program Files\A8CA53YY.exe

2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\UXX0Z24X.exe

2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\EHEFIIH8.exe

2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VXTVTVTM.exe

2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VWXVWRL5.exe

2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\LNMONMIA.exe

2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\GIKMFHIX.exe

2015-06-23 15:59 - 2015-06-23 15:59 - 01415680 _____ (wj32) C:\Program Files\8T2N2N7G.exe

2015-06-23 14:16 - 2014-04-09 02:00 - 01531822 _____ C:\Users\kinetz07\Desktop\2.0 Coping Design.xlsx

2015-06-18 13:36 - 2015-06-18 13:36 - 01381357 _____ C:\Users\kinetz07\Downloads\FRP-Beam-Retrofit-Bm-486.xlsx

2015-06-18 13:33 - 2015-06-18 13:34 - 05874851 _____ C:\Users\kinetz07\Downloads\2-Storey-Elementary-School-Autosaved.xlsm

2015-06-16 22:19 - 2015-06-27 19:02 - 00003496 _____ C:\Windows\System32\Tasks\gg_uac_daemon_kinetz07

2015-06-16 10:20 - 2015-06-26 13:57 - 00002274 _____ C:\Users\kinetz07\Documents\ipmsg.log

2015-06-16 10:19 - 2015-06-16 10:19 - 00000000 ____D C:\Program Files\IPMsg

2015-06-16 10:18 - 2015-06-16 10:18 - 00514177 _____ C:\Users\kinetz07\Downloads\ipmsg350_installer64.zip

2015-06-12 22:57 - 2015-05-27 22:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-06-12 22:57 - 2015-05-27 22:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-06-12 22:57 - 2015-05-23 11:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-06-12 22:57 - 2015-05-23 11:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-06-12 22:57 - 2015-05-23 11:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-06-12 22:57 - 2015-05-23 11:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-06-12 22:57 - 2015-05-23 11:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-06-12 22:57 - 2015-05-23 10:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-06-12 22:57 - 2015-05-23 10:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-06-12 22:57 - 2015-05-23 10:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-06-12 22:57 - 2015-05-23 10:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2015-06-12 22:57 - 2015-05-23 10:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-06-12 22:57 - 2015-05-23 10:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-06-12 22:57 - 2015-05-23 10:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-06-12 22:57 - 2015-05-23 10:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-06-12 22:57 - 2015-05-23 10:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-06-12 22:57 - 2015-05-23 10:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2015-06-12 22:57 - 2015-05-23 10:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-06-12 22:57 - 2015-05-23 10:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-06-12 22:57 - 2015-05-23 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-06-12 22:57 - 2015-05-23 03:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-06-12 22:57 - 2015-05-23 03:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-06-12 22:57 - 2015-05-23 03:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-06-12 22:57 - 2015-05-23 02:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-06-12 22:57 - 2015-05-23 02:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-06-12 22:57 - 2015-05-23 02:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-06-12 22:57 - 2015-05-23 02:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-06-12 22:57 - 2015-05-23 02:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-06-12 22:57 - 2015-05-23 02:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2015-06-12 22:57 - 2015-05-23 02:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-06-12 22:57 - 2015-05-23 02:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-06-12 22:57 - 2015-05-23 02:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-06-12 22:57 - 2015-05-23 02:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-06-12 22:57 - 2015-05-23 02:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-06-12 22:57 - 2015-05-23 02:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-06-12 22:57 - 2015-05-23 01:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-06-12 22:57 - 2015-05-23 01:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-06-12 22:57 - 2015-05-23 01:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2015-06-12 22:57 - 2015-05-23 01:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-06-12 22:57 - 2015-05-23 01:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-06-12 22:53 - 2015-05-22 00:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-06-12 22:53 - 2015-04-25 10:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2015-06-12 22:53 - 2015-04-25 10:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2015-06-12 16:36 - 2015-06-12 16:36 - 00014821 _____ C:\Users\kinetz07\Desktop\DTR MAY 25, - JUNE 11, 2015.xlsx

2015-06-11 11:24 - 2015-06-11 11:24 - 00087181 _____ C:\Users\kinetz07\Downloads\equake.xlsx

2015-06-08 12:17 - 2015-06-08 12:17 - 00000512 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.slg

2015-06-08 12:17 - 2015-06-08 12:17 - 00000004 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.cut

2015-06-08 11:58 - 2015-06-08 12:17 - 00043974 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.UID

2015-06-08 11:58 - 2015-06-08 11:58 - 00004909 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.dbi

2015-06-08 11:58 - 2015-06-08 11:58 - 00000083 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.cod

2015-06-08 11:55 - 2015-06-08 11:55 - 00013900 _____ C:\Users\kinetz07\Downloads\SAGKAHAN.std

2015-06-08 00:14 - 2015-06-08 00:14 - 04047480 _____ C:\Users\kinetz07\Downloads\11188324_1656553871242227_4288093763310382384_n.psd

2015-06-05 13:40 - 2015-06-05 13:40 - 00578688 _____ C:\Users\kinetz07\Downloads\truss.dwg

2015-06-05 13:15 - 2015-06-05 13:15 - 01926316 _____ C:\Users\kinetz07\Downloads\TRUSS.rar

2015-06-04 11:38 - 2015-06-04 11:38 - 00737753 _____ C:\Users\kinetz07\Downloads\PASAC-CULCUL-2-edited (1).dwg

2015-06-04 10:12 - 2015-06-04 10:13 - 01136448 _____ C:\Users\kinetz07\Downloads\PASAC-CULCUL-2-edited.dwg

2015-06-01 16:09 - 2015-06-01 16:09 - 00000000 ____D C:\Users\kinetz07\AppData\Local\GWX

2015-06-01 11:48 - 2015-06-01 11:48 - 00030936 _____ C:\Users\kinetz07\Downloads\sadas.xlsx

2015-05-30 08:46 - 2015-05-30 08:46 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\ATI

2015-05-30 08:46 - 2015-05-30 08:46 - 00000000 ____D C:\Users\kinetz07\AppData\Local\ATI

2015-05-30 08:46 - 2015-05-30 08:46 - 00000000 ____D C:\ProgramData\ATI

2015-05-28 20:21 - 2015-05-28 20:21 - 00041472 _____ C:\Users\kinetz07\Downloads\Rampage 2015 Online Ticket Order Form.xls

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-27 19:06 - 2015-01-14 17:53 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\GarenaPlus

2015-06-27 19:06 - 2015-01-14 17:52 - 00000000 ____D C:\ProgramData\GarenaMessenger

2015-06-27 19:02 - 2015-01-11 21:12 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-27 19:01 - 2015-02-07 08:29 - 00001362 _____ C:\Windows\Tasks\NONUI.job

2015-06-27 19:01 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\sru

2015-06-27 18:23 - 2015-01-11 21:12 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-27 17:15 - 2015-01-11 21:00 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-934835943-2712293172-1038266425-1001

2015-06-27 17:00 - 2014-09-03 05:04 - 02224878 _____ C:\Windows\SysWOW64\rootpa.e2e

2015-06-27 16:59 - 2014-07-26 14:09 - 00000000 ____D C:\ProgramData\McAfee

2015-06-27 16:59 - 2013-08-22 22:46 - 00056398 _____ C:\Windows\setupact.log

2015-06-27 16:59 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-27 16:58 - 2015-01-12 13:58 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\DMCache

2015-06-27 16:58 - 2015-01-11 20:53 - 00000000 ____D C:\Users\kinetz07

2015-06-27 16:58 - 2014-09-03 05:48 - 01854675 _____ C:\Windows\WindowsUpdate.log

2015-06-27 16:19 - 2015-05-04 09:10 - 00000000 ____D C:\Users\kinetz07\Desktop\Misc

2015-06-27 16:13 - 2015-01-11 21:06 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D196690-4AE7-4B0F-B2C9-9517BE789CD6}

2015-06-27 15:56 - 2013-08-22 23:36 - 00000000 __RHD C:\Users\Public\Libraries

2015-06-27 15:35 - 2015-05-12 16:41 - 511887582 _____ C:\Windows\MEMORY.DMP

2015-06-27 15:35 - 2015-05-12 16:41 - 00000000 ____D C:\Windows\Minidump

2015-06-27 15:21 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness

2015-06-27 15:06 - 2014-03-18 17:44 - 00158226 _____ C:\Windows\PFRO.log

2015-06-27 13:02 - 2015-03-13 18:19 - 00000000 ____D C:\Program Files\Common Files\McAfee

2015-06-27 12:59 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\ELAMBKUP

2015-06-27 12:59 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

2015-06-27 11:32 - 2014-03-18 17:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI

2015-06-27 02:44 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\rescache

2015-06-27 02:18 - 2015-01-11 21:12 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-06-27 02:18 - 2015-01-11 21:12 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-06-27 00:21 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2015-06-26 13:35 - 2015-04-10 17:02 - 00000219 _____ C:\Windows\SysWOW64\lsprst7.tgz

2015-06-26 13:35 - 2015-04-10 17:02 - 00000205 _____ C:\Windows\SysWOW64\lsprst7.dll

2015-06-26 13:35 - 2015-04-10 17:02 - 00000087 _____ C:\Windows\SysWOW64\ssprs.tgz

2015-06-26 13:35 - 2014-07-26 13:46 - 00000073 _____ C:\Windows\SysWOW64\ssprs.dll

2015-06-26 10:36 - 2013-08-22 22:44 - 00567144 _____ C:\Windows\system32\FNTCACHE.DAT

2015-06-26 10:28 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-06-22 12:55 - 2015-05-02 18:45 - 00000000 ____D C:\Users\kinetz07\Desktop\Work

2015-06-20 12:15 - 2015-01-14 17:52 - 00000000 ____D C:\Program Files (x86)\Garena Plus

2015-06-19 14:45 - 2015-04-02 21:14 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\uTorrent

2015-06-19 14:42 - 2015-01-11 21:52 - 00000000 ____D C:\Users\kinetz07\AppData\Local\CrashDumps

2015-06-18 16:29 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF

2015-06-16 10:52 - 2015-05-12 16:38 - 00000514 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2015-06-14 16:18 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\LiveKernelReports

2015-06-12 23:10 - 2015-01-15 00:13 - 00000000 ____D C:\Windows\system32\MRT

2015-06-12 23:00 - 2015-01-15 00:13 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-06-12 23:00 - 2013-08-22 23:20 - 00000000 ____D C:\Windows\CbsTemp

2015-06-12 16:41 - 2015-01-14 18:58 - 00000000 ____D C:\Users\kinetz07\Documents\Bluetooth Folder

2015-06-08 11:19 - 2015-01-27 19:57 - 00765440 ___SH C:\Users\kinetz07\Desktop\Thumbs.db

2015-06-08 00:11 - 2015-01-12 21:30 - 01276416 ___SH C:\Users\kinetz07\Downloads\Thumbs.db

2015-06-08 00:09 - 2015-01-11 20:54 - 00000000 ____D C:\Users\kinetz07\AppData\Roaming\Adobe

2015-06-04 00:18 - 2015-05-13 17:42 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-06-04 00:18 - 2015-05-13 17:42 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-06-03 12:02 - 2015-01-12 13:58 - 00000000 ____D C:\Users\kinetz07\Downloads\Compressed

2015-05-28 21:56 - 2015-04-06 12:05 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-05-28 21:56 - 2015-04-06 12:05 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2015-06-25 10:08 - 2015-06-25 10:08 - 1415680 _____ (wj32) C:\Program Files\25889AC8.exe

2015-06-24 18:10 - 2015-06-24 18:10 - 1415680 _____ (wj32) C:\Program Files\35XRKA09.exe

2015-06-26 10:23 - 2015-06-26 10:23 - 1415680 _____ (wj32) C:\Program Files\475430XJ.exe

2015-06-24 13:56 - 2015-06-24 13:56 - 1415680 _____ (wj32) C:\Program Files\51YS6IUH.exe

2015-06-24 13:29 - 2015-06-24 13:29 - 1415680 _____ (wj32) C:\Program Files\5213212B.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 1415680 _____ (wj32) C:\Program Files\6246899Y.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 1415680 _____ (wj32) C:\Program Files\7995022V.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 1415680 _____ (wj32) C:\Program Files\8376A7BZ.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\8A7979IF.exe

2015-06-23 15:59 - 2015-06-23 15:59 - 1415680 _____ (wj32) C:\Program Files\8T2N2N7G.exe

2015-06-27 12:27 - 2015-06-27 12:27 - 1415680 _____ (wj32) C:\Program Files\9545475U.exe

2015-06-27 00:22 - 2015-06-27 00:22 - 1415680 _____ (wj32) C:\Program Files\9LYDMTVC.exe

2015-06-27 10:41 - 2015-06-27 10:41 - 1415680 _____ (wj32) C:\Program Files\A633369F.exe

2015-06-24 13:26 - 2015-06-24 13:26 - 1415680 _____ (wj32) C:\Program Files\A8CA53YY.exe

2015-06-27 13:51 - 2015-06-27 13:51 - 1415680 _____ (wj32) C:\Program Files\AADA30XW.exe

2015-06-27 11:28 - 2015-06-27 11:28 - 1415680 _____ (wj32) C:\Program Files\B850WKKE.exe

2015-06-27 12:19 - 2015-06-27 12:19 - 1415680 _____ (wj32) C:\Program Files\EEBEHH9N.exe

2015-06-24 10:03 - 2015-06-24 10:03 - 1415680 _____ (wj32) C:\Program Files\EHEFIIH8.exe

2015-06-27 13:51 - 2015-06-27 13:51 - 1415680 _____ (wj32) C:\Program Files\GEEC93TO.exe

2015-06-23 16:00 - 2015-06-23 16:00 - 1415680 _____ (wj32) C:\Program Files\GIKMFHIX.exe

2015-06-27 11:28 - 2015-06-27 11:28 - 1415680 _____ (wj32) C:\Program Files\HHCB84YE.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 1415680 _____ (wj32) C:\Program Files\HKNKNKS3.exe

2015-06-24 18:10 - 2015-06-24 18:10 - 1415680 _____ (wj32) C:\Program Files\I1K1CVDA.exe

2015-06-27 10:05 - 2015-06-27 10:05 - 1415680 _____ (wj32) C:\Program Files\IHDC8OKH.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 1415680 _____ (wj32) C:\Program Files\JCEEB9B5.exe

2015-06-27 15:29 - 2015-06-27 15:29 - 1415680 _____ (wj32) C:\Program Files\K4FT4FTT.exe

2015-06-27 00:20 - 2015-06-27 00:20 - 1415680 _____ (wj32) C:\Program Files\KJIHGCBD.exe

2015-06-23 16:00 - 2015-06-23 16:00 - 1415680 _____ (wj32) C:\Program Files\LNMONMIA.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\LORSVTKV.exe

2015-06-27 10:39 - 2015-06-27 10:39 - 1415680 _____ (wj32) C:\Program Files\MLKJFCBA.exe

2015-06-25 16:19 - 2015-06-25 16:19 - 1415680 _____ (wj32) C:\Program Files\N2KZHYH0.exe

2015-06-25 16:19 - 2015-06-25 16:19 - 1415680 _____ (wj32) C:\Program Files\PRLNIKID.exe

2015-06-26 10:39 - 2015-06-26 10:39 - 1415680 _____ (wj32) C:\Program Files\PRMFHCEB.exe

2015-06-26 10:23 - 2015-06-26 10:23 - 1415680 _____ (wj32) C:\Program Files\SLIF6FNI.exe

2015-06-26 16:45 - 2015-06-26 16:45 - 1415680 _____ (wj32) C:\Program Files\SUWVWY0S.exe

2015-06-24 13:56 - 2015-06-24 13:56 - 1415680 _____ (wj32) C:\Program Files\TMIET5FC.exe

2015-06-26 16:45 - 2015-06-26 16:45 - 1415680 _____ (wj32) C:\Program Files\TWKJMMKU.exe

2015-06-24 10:03 - 2015-06-24 10:03 - 1415680 _____ (wj32) C:\Program Files\UXX0Z24X.exe

2015-06-26 13:20 - 2015-06-26 13:20 - 1415680 _____ (wj32) C:\Program Files\VUUWWXZH.exe

2015-06-24 18:11 - 2015-06-24 18:11 - 1415680 _____ (wj32) C:\Program Files\VUWVXFUR.exe

2015-06-23 21:21 - 2015-06-23 21:21 - 1415680 _____ (wj32) C:\Program Files\VWXVWRL5.exe

2015-06-23 21:21 - 2015-06-23 21:21 - 1415680 _____ (wj32) C:\Program Files\VXTVTVTM.exe

2015-06-26 10:20 - 2015-06-26 10:20 - 1415680 _____ (wj32) C:\Program Files\WFY9R8K0.exe

2015-06-26 10:24 - 2015-06-26 10:24 - 1415680 _____ (wj32) C:\Program Files\WYUWSUSO.exe

2015-06-27 15:37 - 2015-06-27 15:37 - 1415680 _____ (wj32) C:\Program Files\Y02102RA.exe

2015-06-27 15:29 - 2015-06-27 15:29 - 1415680 _____ (wj32) C:\Program Files\YUTSURJH.exe

2015-06-25 10:08 - 2015-06-25 10:08 - 1415680 _____ (wj32) C:\Program Files\YVRUUROJ.exe

2015-01-26 00:12 - 2015-02-08 12:08 - 0000365 _____ () C:\Users\kinetz07\AppData\Roaming\NONUI

2015-02-07 08:29 - 2015-02-07 08:29 - 1829848 _____ () C:\Users\kinetz07\AppData\Roaming\NONUI.exe

2014-09-03 05:01 - 2014-09-03 05:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-01-24 13:31 - 2015-01-24 13:31 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

2015-03-20 21:10 - 2014-10-29 09:52 - 75362304 ___SH () C:\ProgramData\msvez.exe

 

Files to move or delete:

====================

C:\ProgramData\msvez.exe

 

Some files in TEMP:

====================

C:\Users\kinetz07\AppData\Local\Temp\0212751435391706mcinst.exe

C:\Users\kinetz07\AppData\Local\Temp\cdo11314704.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo2235670817.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo2965539735.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo3392616369.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo4054691146.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo482320495.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo563211069.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo725037336.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo728608456.dll

C:\Users\kinetz07\AppData\Local\Temp\cdo89642314.dll

C:\Users\kinetz07\AppData\Local\Temp\Foxit PhantomPDF Updater.exe

C:\Users\kinetz07\AppData\Local\Temp\McCSPInstall.dll

C:\Users\kinetz07\AppData\Local\Temp\mccspuninstall.exe

C:\Users\kinetz07\AppData\Local\Temp\msvcp120.dll

C:\Users\kinetz07\AppData\Local\Temp\msvcr120.dll

C:\Users\kinetz07\AppData\Local\Temp\PH_150505to150519.exe

C:\Users\kinetz07\AppData\Local\Temp\PH_150519to150521.exe

C:\Users\kinetz07\AppData\Local\Temp\PH_150521to150602.exe

C:\Users\kinetz07\AppData\Local\Temp\PH_150602to150616.exe

C:\Users\kinetz07\AppData\Local\Temp\SRLDetectionLibrary1527105708258274435.dll

C:\Users\kinetz07\AppData\Local\Temp\SRLDetectionLibrary6136515311748987566.dll

C:\Users\kinetz07\AppData\Local\Temp\Uninstall.exe

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2015-06-27 02:27

==================== End of log ============================



#4
kinetz07

This is the addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by kinetz07 at 2015-06-27 19:07:55
Running from C:\Users\kinetz07\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-934835943-2712293172-1038266425-500 - Administrator - Disabled)
Guest (S-1-5-21-934835943-2712293172-1038266425-501 - Limited - Disabled)
kinetz07 (S-1-5-21-934835943-2712293172-1038266425-1001 - Administrator - Enabled) => C:\Users\kinetz07
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{E043161E-A691-B3C2-E60C-2FBBD8CFF720}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Assassin's Creed ® III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.00 - Ubisoft)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Bentley IEG License Service (HKLM-x32\...\{B1687FC2-7412-4B52-83AC-E5475022B506}) (Version: 2.0.20.1 - Bentley Systems, Inc.)
Bentley OpenSTAADOEM (HKLM-x32\...\{703B113F-F445-4875-A244-EE60F8254C10}) (Version: 08.02.09.16 - Bentley Systems, Inc.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Free Video to Samsung Phones Converter version 5.0.57.301 (HKLM-x32\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.57.301 - DVDVideoSoft Ltd.)
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version:  - Joycity)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Garena - Heroes of Newerth (HKLM-x32\...\HoN) (Version:  - Garena Online Pte Ltd.)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Inspector Magnusson - Murder on the Titanic (x32 Version: 2.2.0.110 - WildTangent) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IP Messenger for Win (HKLM\...\IPMSG for Win32) (Version:  - )
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Lost in Night (x32 Version: 3.0.2.38 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Morris (Nine Men's Morris game) (HKLM-x32\...\Morris) (Version:  - )
OEM Application Profile (HKLM-x32\...\{C01EB132-6707-740E-6ED9-EAC3943918DB}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
pcaColumn v3.63 (HKLM-x32\...\pcaColumn v3.63) (Version: pcaColumn v3.63 - Portland Cement Association)
PipeLink for STAAD.Pro V8i (Build 20.13.2.27) (HKLM-x32\...\{88A34C6C-D222-4FC2-9B1B-D7EC8B520E65}) (Version: 20.13.2.27 - Bentley Systems, Inc.)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Spotify (HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\...\{C3010B65-2BF1-4028-B1D0-0B3D513664AD}) (Version: 05.03.00.32 - Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 4 (HKLM-x32\...\{9260B6A1-12FE-4912-A7C5-6AF7EB1FBA58}) (Version: 20.07.09.31 - Bentley Systems, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StrucLink for STAAD.Pro V8i (Build 20.13.3.14) (HKLM-x32\...\{74DB7277-BA51-450A-AB13-FC3EEFC688CE}) (Version: 20.13.3.14 - Bentley Systems, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1194 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-934835943-2712293172-1038266425-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-934835943-2712293172-1038266425-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-934835943-2712293172-1038266425-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-934835943-2712293172-1038266425-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-934835943-2712293172-1038266425-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\kinetz07\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0BF658CE-6BA5-4B71-BE21-FE817BBB59C4} - System32\Tasks\Opera scheduled Autoupdate 1421041356 => C:\Program Files (x86)\Opera\launcher.exe
Task: {1C41AE75-E918-45D3-B0D8-CD833966FC2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {1E26A388-0F50-4811-9216-3AE6D3D9E8CD} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {2319DF14-D7A5-4CBC-A23A-A73174829F17} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-934835943-2712293172-1038266425-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {24612EB8-283C-40D0-808D-5FB43C00FCE4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {2F0A8A5F-CFF1-4E81-897E-22F09AFA6915} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {366CF8B1-501E-488D-B776-F4D9B0069CC7} - System32\Tasks\SUPERAntiSpyware Scheduled Task 16915d7c-42bf-4d4b-987e-8f54d058a8b7 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {3812FCD0-4F04-4A73-BC7A-E9255ACF635A} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {490BFA1F-ECDD-42AE-88D6-B85F2C796A1D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {7CD8D205-CB41-4EA0-AE20-73BDBD56233C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {7D921043-7FF2-4426-844E-5E50FF1653E5} - System32\Tasks\gg_uac_daemon_kinetz07 => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2015-01-20] ()
Task: {95B23AE0-5662-48D6-A751-47380E80D5CB} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {997F4881-CF17-4D63-A000-BEC549B48E37} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B45C0A91-E5CE-4D9E-96E5-79F367B1D1A0} - System32\Tasks\SUPERAntiSpyware Scheduled Task d9c5f5e7-5748-4ab4-b0b7-c076810bde4f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {B5B64EFC-B973-4803-87EA-8698A8A928E2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-18] (Acer Incorporated)
Task: {BA77B559-BA59-45AC-B0B0-3F14BA92302A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {E542BDC2-5AB2-4617-AA4E-6DCB4F9A98EF} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {E6275D41-6EE8-4796-9139-F94ED2AF0C04} - System32\Tasks\{00A45EFA-80B9-4620-89C8-D4B74EF30C01} => pcalua.exe -a "C:\Program Files (x86)\PCA\pcaColumn\pcacol.exe" -d "C:\Program Files (x86)\PCA\pcaColumn"
Task: {E83ACF20-55EB-4B46-86D6-804F439FC41C} - System32\Tasks\NONUI => C:\Users\kinetz07\AppData\Roaming\NONUI.exe [2015-02-07] () <==== ATTENTION
Task: {F3F0DDCD-B586-4B32-87AC-859A4ECF79E5} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NONUI.job => C:\Users\kinetz07\AppData\Roaming\NONUI.exe <==== ATTENTION
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 16915d7c-42bf-4d4b-987e-8f54d058a8b7.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d9c5f5e7-5748-4ab4-b0b7-c076810bde4f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-11 02:20 - 2015-03-11 02:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2015-01-14 11:06 - 2015-05-27 12:46 - 09981888 _____ () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-01-14 11:06 - 2015-01-20 20:20 - 00055896 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2015-05-20 14:55 - 2015-03-12 13:04 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00111192 _____ () C:\Program Files (x86)\Garena Plus\CommonLib.dll
2015-01-14 11:06 - 2015-04-20 19:07 - 00865728 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00040024 _____ () C:\Program Files (x86)\Garena Plus\DibModule.dll
2015-01-14 11:06 - 2015-06-17 22:20 - 00034752 _____ () C:\Program Files (x86)\Garena Plus\VersionModule.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00057944 _____ () C:\Program Files (x86)\Garena Plus\FileLoader.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00093784 _____ () C:\Program Files (x86)\Garena Plus\PluginKernel.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00493656 _____ () C:\Program Files (x86)\Garena Plus\CxImage.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00031832 _____ () C:\Program Files (x86)\Garena Plus\PluginModule.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00177240 _____ () C:\Program Files (x86)\Garena Plus\lib\fs\YYFileSystem.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00380504 _____ () C:\Program Files (x86)\Garena Plus\lib\Http.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00191064 _____ () C:\Program Files (x86)\Garena Plus\lib\MP3Module.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00162304 _____ () C:\Program Files (x86)\Garena Plus\lame_enc.DLL
2015-01-14 11:06 - 2015-01-20 20:20 - 00226392 _____ () C:\Program Files (x86)\Garena Plus\lib\TaskManagerLib.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00112728 _____ () C:\Program Files (x86)\Garena Plus\lib\UILayout.dll
2015-01-14 11:06 - 2015-05-27 12:47 - 00965056 _____ () C:\Program Files (x86)\Garena Plus\lib\XLL.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00061528 _____ () C:\Program Files (x86)\Garena Plus\lib\XmlUIModule.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00573100 _____ () C:\Program Files (x86)\Garena Plus\sqlite3.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00231000 _____ () C:\Program Files (x86)\Garena Plus\Plugins\StatsPlugin.dll
2015-01-14 11:06 - 2015-06-05 16:42 - 01250752 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ggplugin.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00199256 _____ () C:\Program Files (x86)\Garena Plus\ImageModule.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00161880 _____ () C:\Program Files (x86)\Garena Plus\libmpg123.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 02947672 _____ () C:\Program Files (x86)\Garena Plus\ggdownloader.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00072280 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\AudioMixerLib.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00023128 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\ClientTcp.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 01551960 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 13:42 - 2013-02-01 13:42 - 00153088 _____ () C:\Program Files (x86)\Garena Plus\libzmq.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00962648 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\GaFileTransfer.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00251480 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\MediaEngine.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00032856 _____ () C:\Program Files (x86)\Garena Plus\ServerMemAlloc.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00523352 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\RSALib.dll
2015-01-14 11:06 - 2015-01-20 20:20 - 00074840 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\UdtLib.dll
2015-06-24 14:30 - 2015-06-24 18:09 - 41287224 _____ () C:\Users\kinetz07\AppData\Roaming\Spotify\libcef.dll
2015-06-27 02:37 - 2015-06-20 13:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-27 02:37 - 2015-06-20 13:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-24 14:30 - 2015-06-24 18:09 - 01488440 _____ () C:\Users\kinetz07\AppData\Roaming\Spotify\libglesv2.dll
2015-06-24 14:30 - 2015-06-24 18:09 - 00079928 _____ () C:\Users\kinetz07\AppData\Roaming\Spotify\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kinetz07\Documents\images pa\shokugeki-no-soma-_6739.jpg
DNS Servers: 192.168.254.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\...\StartupApproved\Run: => "uTorrent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9A2C3595-8E44-4783-8F96-E62392938E34}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4CD1CB05-CE38-4DA9-BE0A-ADD95FDF66C3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9764F76D-112C-4794-916B-FC418CEC1190}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1773129E-305D-4401-B6B4-CCAFD6BFD277}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{41AB6C59-7B77-4B3F-91C9-D496CB25DCD5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{7249629D-1562-4923-B6E1-3C674F956323}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B0052A1A-A397-4F67-B314-C733454A2731}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F997A64C-EA17-4267-8DDF-77E9C42B3123}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2CA202C9-1F9D-47E7-BDEE-40B04572892F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{419747E3-6992-4600-94A1-0390485D2A90}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{44E59FA8-949C-4587-8134-40FD30BC276D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{98A98D32-1775-40C1-B952-024AFCD47182}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DCF77AF5-9760-4D31-A1F2-DE9BFDBB95D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9C266023-66AB-4F93-86EB-36CE19AF5176}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{29AE849B-2032-4814-A466-EF38037B2C79}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B98AE59E-CF96-4AE6-A6BB-1E2BD40923A4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2C9FD1B4-8A35-479C-9CBD-BDDA9F6557D1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{872C440F-0467-4103-83C9-7C3A5933C828}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{A9238FC4-F82E-4D1B-9ABB-8A28B7691D07}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{AE119836-868C-4E49-8DC1-A3208F2E776B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{11DD57DD-3086-4DD6-87F2-A3C41DFE5EC8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{71FF0D2A-96C3-4D04-BB31-5D79A6F0F58A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{A584F3C6-8AE1-43C3-9D0A-27F3C4FE9D90}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4250EBD5-3007-481D-8625-8C1A1192958C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9B0E3C66-8304-4731-9042-4F100486B38B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{616D110A-631F-4B10-9173-220FFAA8720D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C0EF95AA-2C92-46A9-BF01-ED84EF8C061C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CCD1CA91-61FF-485E-AF88-07AD3C5A86F7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{FAA52F8C-749A-4844-B3CA-61C7434570FC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{58A45AD3-D523-4EE4-8C66-6778497BE27E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{3FDF27E2-AAB1-4ACF-8610-ED25B809A633}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F6BAD1AB-BDD4-4647-A51A-F0FF3DBE6DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BE4369CC-F38F-4059-B269-FF474AD7C769}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8D90BA9B-F815-4F3E-BB2B-FF316A8768B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BD2B14C2-7A33-4B96-B27C-558BD4BB2DC1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3BB41CD0-C0CB-46FB-B4CF-1B343912DFE7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3616529D-0EE3-45F8-8ABD-C7C90289AB69}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{13D476DF-9A4D-4CCD-AD0B-943844E59F63}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{48E810F1-B446-456C-B592-C2B98B4E764F}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{16856EC9-C1FB-4902-B31E-69B336EE0F64}] => (Allow) LPort=8370
FirewallRules: [{1E5E51E0-1922-472A-81F1-7AF8ED02D7EB}] => (Allow) LPort=8370
FirewallRules: [{FB8F6AB2-EDA5-48C8-9CDE-8ECB105FAE07}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\Air\LolClient.exe
FirewallRules: [{729FBEA9-3C44-4F92-9776-FCE077A2223F}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\Air\LolClient.exe
FirewallRules: [{74148C13-3C0E-41F4-9B3F-3868221DB679}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\Game\League of Legends.exe
FirewallRules: [{DAEBF8A5-06C9-4EBF-A49A-1E30437909CA}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\Game\League of Legends.exe
FirewallRules: [{FF09218E-4601-4157-B679-B5F5E23F362E}] => (Allow) C:\Program Files (x86)\Dragon Nest\DragonNest.exe
FirewallRules: [{C0A2DBC8-208C-442B-84E0-3F8E43ED3166}] => (Allow) C:\Program Files (x86)\Dragon Nest\DragonNest.exe
FirewallRules: [{6A5CDB98-28B9-4139-8103-4D5B3CFEBFCD}] => (Allow) C:\Users\kinetz07\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F55DF48C-9994-479C-B192-E6EDA211BC11}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F599F860-2A4E-42A7-B698-5591D97CD8DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{EFA9B1A9-D016-424D-ACBE-3D35123783FC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{65CA60FD-CC21-4C4B-A24F-527562A7A439}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B6236B2A-D1E0-48DA-AA3D-4B7C63DF6EEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{C6AF354C-40D9-4A89-96B4-AD57CA5D1347}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{533B660C-15C9-4CC3-A2DA-D9D27B0F0362}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{AE2ADB55-953E-4B7C-B9A8-741ACD35EDD7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F0D4C6DA-992D-40A6-9345-67319E7541A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6071865C-6DE9-4120-9840-1EE236D3A314}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FABD7481-9586-47F2-82E6-A92644DAAAEE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CD335402-89E6-4E1A-8C6C-D2D419FE7D5F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E49B38AD-2992-4D48-A411-4B2632D797F3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6F37D290-67FF-40F8-84C6-D799CCE18BD3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B392498A-7E36-4B29-9F2D-F709B06A03B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{96AA6C4B-F906-4012-8EA5-A17572A1C619}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D6CF1FC6-9070-478B-B4C4-E17B025EA463}] => (Allow) LPort=50248
FirewallRules: [{BC208A0E-5CA3-42D0-8D67-4F1EE7983EB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93E821B2-CB62-4561-850A-787E274A599E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{512A3964-2335-4496-B4FF-FF0454FCC2D3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{49E54213-FEC1-4B2F-BC5A-B139D30D7329}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8FCF275F-DC59-4BFB-B196-61E226A7711B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{14CA272A-3477-48A8-8C8B-84A96AB52446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C28C8E18-BE33-490C-B799-2CCFC5945BAB}] => (Allow) C:\GarenaDownload\Games\hon\HoNInstaller.exe
FirewallRules: [{409ACCF0-9ABF-43E0-B549-2BCEBFD4658B}] => (Allow) C:\GarenaDownload\Games\hon\HoNInstaller.exe
FirewallRules: [{6875F7C4-A6DC-433A-80C2-B980D5AC6277}] => (Allow) LPort=6967
FirewallRules: [{B377065F-22D5-4761-84EF-B516B0149469}] => (Allow) LPort=6967
FirewallRules: [{86100450-576E-4096-866D-1E73BCC08563}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{210778A2-B872-4059-8BE7-06B27154D6C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{772DA6BA-328D-4FE2-9665-589EA07D3531}] => (Allow) LPort=6927
FirewallRules: [{8CB80ECC-15DE-4CBD-8676-A25F5F81622C}] => (Allow) LPort=6927
FirewallRules: [{6B087B20-AE15-441D-8B4F-511A52DC2E9B}] => (Allow) LPort=6929
FirewallRules: [{A8ED4BF0-19AC-4AC2-85C9-E1D27DA28DE2}] => (Allow) LPort=6929
FirewallRules: [{FED13A52-C436-466F-AC3C-0F64352EC8C5}] => (Allow) LPort=6950
FirewallRules: [{4B56442D-68EC-4E56-9DC8-57982AAF0423}] => (Allow) LPort=6950
FirewallRules: [{981BD914-6715-49E2-8948-05498528EC3B}] => (Allow) C:\ProgramData\McAfee\VUL\AppsDownloaderPath\utorrent__utorrent__3.4.3.40097_3.4.3.40298_en-ph
FirewallRules: [{345C5068-48E9-4557-9280-98D916C74B4C}] => (Allow) C:\ProgramData\McAfee\VUL\AppsDownloaderPath\utorrent__utorrent__3.4.3.40097_3.4.3.40298_en-ph
FirewallRules: [{E494DEB4-DB50-4D1A-9989-126D8F16C3B7}] => (Allow) LPort=6960
FirewallRules: [{89C74EEE-B268-4699-B56E-E0EF8D29EDF3}] => (Allow) LPort=6960
FirewallRules: [{2EFC6550-9A29-47CD-A77C-3B3B1E6340CB}] => (Allow) LPort=6884
FirewallRules: [{45C2A5FB-76F2-4DC7-A2DF-BDC3DE0A7158}] => (Allow) LPort=6884
FirewallRules: [{A689205C-183D-476B-8C28-AC4EF77F14DF}] => (Allow) LPort=6926
FirewallRules: [{4853626D-B30D-4011-AF99-8009E9C9B74B}] => (Allow) LPort=6926
FirewallRules: [{064C90F9-5441-40F3-AB7B-15D09A1C9260}] => (Allow) LPort=6902
FirewallRules: [{3E18CAB5-4E0D-44C3-8030-306C8673122C}] => (Allow) LPort=6902
FirewallRules: [{87DD381F-D867-41A5-BC46-B8F334CB8744}] => (Allow) LPort=6932
FirewallRules: [{56FE51E0-B065-4C76-9EDE-43AB6969A034}] => (Allow) LPort=6932
FirewallRules: [{761CABC1-8D05-4CA9-AF07-D29C48901E71}] => (Allow) LPort=6973
FirewallRules: [{EE21B38B-5EEC-4DE8-956F-29E5F181C836}] => (Allow) LPort=6973
FirewallRules: [TCP Query User{83E4C2AC-9BE1-4774-9CAD-015D70C4FA57}C:\program files\ipmsg\ipmsg.exe] => (Allow) C:\program files\ipmsg\ipmsg.exe
FirewallRules: [UDP Query User{706B6460-74A6-4C73-9C80-E60479419A2D}C:\program files\ipmsg\ipmsg.exe] => (Allow) C:\program files\ipmsg\ipmsg.exe
FirewallRules: [TCP Query User{3B8A02C3-E040-4AF9-9610-AB0485C2BECF}C:\users\kinetz07\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kinetz07\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1FB89AEA-750A-47F8-883C-2971964FC3AC}C:\users\kinetz07\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kinetz07\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D5D55309-8B85-437D-A013-6D1092AF510D}C:\users\kinetz07\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kinetz07\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6EF3673-FA96-4E69-8837-79F088B0E72A}C:\users\kinetz07\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kinetz07\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CDE84FD0-0B06-4F03-A559-17EA10AC611E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE97E29B-A4A6-4CED-B2A2-D39ADB7C7897}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\lol.exe
FirewallRules: [{D842D89C-AD69-4EF8-82AF-5DC1B14E3E0C}] => (Allow) C:\Program Files (x86)\LOL\GameData\Apps\LoLPH\lol.exe
FirewallRules: [{8154D997-5ABA-4D6B-87EB-3C38912AAF1E}] => (Allow) LPort=8393
FirewallRules: [{ED3B4D3F-DF48-4CDB-8899-F20D1D4ED800}] => (Allow) LPort=8393
FirewallRules: [{DE746CA0-E323-4A4A-8C63-B2ED5FFB4D75}] => (Allow) LPort=8390
FirewallRules: [{5085E00D-7F6A-4056-81D2-770CD254FADC}] => (Allow) LPort=8390
FirewallRules: [{19A19FF8-0144-4F7C-A400-E650A4ACF9DD}] => (Allow) LPort=6888
FirewallRules: [{70F20FC1-FEEC-403E-89C5-CC33D94E3400}] => (Allow) LPort=6888
FirewallRules: [{0D146455-50F7-4477-AEFE-C79400381285}] => (Allow) LPort=6949
FirewallRules: [{C4D29CA7-AC47-4546-8ABD-1DCE87E16DB5}] => (Allow) LPort=6949
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/27/2015 03:37:25 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 03:29:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 03:08:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 01:52:05 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 01:03:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 00:20:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: QtSql_Ad_SyncNs_4.dll, version: 4.8.2.0, time stamp: 0x50d3fcd4
Exception code: 0xc0000005
Fault offset: 0x00000000000b65fe
Faulting process id: 0xab0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
Error: (06/27/2015 11:28:22 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/27/2015 11:26:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (06/27/2015 10:43:30 AM) (Source: AVLogEvent) (EventID: 5010) (User: NT AUTHORITY)
Description: a7f40905
 
Error: (06/27/2015 10:43:30 AM) (Source: AVLogEvent) (EventID: 5007) (User: NT AUTHORITY)
Description: a7f42003
 
 
System errors:
=============
Error: (06/27/2015 05:09:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.
 
Error: (06/27/2015 05:09:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (06/27/2015 05:09:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/27/2015 05:09:28 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (06/27/2015 05:00:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/27/2015 05:00:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (06/27/2015 03:42:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/27/2015 03:37:25 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (06/27/2015 03:37:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (06/27/2015 03:35:58 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe000c28378c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP062715-18796-01
 
 
Microsoft Office:
=========================
Error: (06/16/2015 11:58:03 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7375 seconds with 3780 seconds of active time.  This session ended with a crash.
 
Error: (04/16/2015 10:34:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8365 seconds with 6540 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-13 18:31:06.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-01-13 21:59:25.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 21:59:24.805
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 21:28:06.210
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 21:28:05.913
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 21:16:27.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 21:16:26.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 16:53:24.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 16:53:24.191
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2015-01-13 16:02:47.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD E2-6110 APU with AMD Radeon R2 Graphics 
Percentage of memory in use: 53%
Total physical RAM: 3288.23 MB
Available physical RAM: 1515.5 MB
Total Pagefile: 6616.23 MB
Available Pagefile: 4552.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:450.29 GB) (Free:347.71 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5036F539)
 
Partition: GPT Partition Type.
 
==================== End of log ============================

  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know if your Antivirus starts after the reboot

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.x64.dll No File
BHO-x32: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.dll No File
R2 VSSS; C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101632704 2015-06-23] (Microsoft Corporation) [File not signed]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
2015-06-27 15:37 - 2015-06-27 15:37 - 01415680 _____ (wj32) C:\Program Files\Y02102RA.exe
2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\YUTSURJH.exe
2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\K4FT4FTT.exe
2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\GEEC93TO.exe
2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\AADA30XW.exe
2015-06-27 12:27 - 2015-06-27 12:27 - 01415680 _____ (wj32) C:\Program Files\9545475U.exe
2015-06-27 12:19 - 2015-06-27 12:19 - 01415680 _____ (wj32) C:\Program Files\EEBEHH9N.exe
2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\HHCB84YE.exe
2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\B850WKKE.exe
2015-06-27 10:41 - 2015-06-27 10:41 - 01415680 _____ (wj32) C:\Program Files\A633369F.exe
2015-06-27 10:39 - 2015-06-27 10:39 - 01415680 _____ (wj32) C:\Program Files\MLKJFCBA.exe
2015-06-27 10:05 - 2015-06-27 10:05 - 01415680 _____ (wj32) C:\Program Files\IHDC8OKH.exe
2015-06-27 00:22 - 2015-06-27 00:22 - 01415680 _____ (wj32) C:\Program Files\9LYDMTVC.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\KJIHGCBD.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\JCEEB9B5.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\8376A7BZ.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\6246899Y.exe
2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\TWKJMMKU.exe
2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\SUWVWY0S.exe
2015-06-26 13:57 - 2012-02-10 20:09 - 02704896 _____ C:\Users\kinetz07\Desktop\TWO-STOREY.xls
2015-06-26 13:20 - 2015-06-26 13:20 - 01415680 _____ (wj32) C:\Program Files\VUUWWXZH.exe
2015-06-26 10:39 - 2015-06-26 10:39 - 01415680 _____ (wj32) C:\Program Files\PRMFHCEB.exe
2015-06-26 10:24 - 2015-06-26 10:24 - 01415680 _____ (wj32) C:\Program Files\WYUWSUSO.exe
2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\SLIF6FNI.exe
2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\475430XJ.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\WFY9R8K0.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\LORSVTKV.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\8A7979IF.exe
2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\PRLNIKID.exe
2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\N2KZHYH0.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\YVRUUROJ.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\HKNKNKS3.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\7995022V.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\25889AC8.exe
2015-06-24 18:11 - 2015-06-24 18:11 - 01415680 _____ (wj32) C:\Program Files\VUWVXFUR.exe
2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\I1K1CVDA.exe
2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\35XRKA09.exe
2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\TMIET5FC.exe
2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\51YS6IUH.exe
2015-06-24 13:29 - 2015-06-24 13:29 - 01415680 _____ (wj32) C:\Program Files\5213212B.exe
2015-06-24 13:26 - 2015-06-24 13:26 - 01415680 _____ (wj32) C:\Program Files\A8CA53YY.exe
2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\UXX0Z24X.exe
2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\EHEFIIH8.exe
2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VXTVTVTM.exe
2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VWXVWRL5.exe
2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\LNMONMIA.exe
2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\GIKMFHIX.exe
2015-06-23 15:59 - 2015-06-23 15:59 - 01415680 _____ (wj32) C:\Program Files\8T2N2N7G.exe
2015-03-20 21:10 - 2014-10-29 09:52 - 75362304 ___SH () C:\ProgramData\msvez.exe
Task: {E83ACF20-55EB-4B46-86D6-804F439FC41C} - System32\Tasks\NONUI => C:\Users\kinetz07\AppData\Roaming\NONUI.exe [2015-02-07] () <==== ATTENTION
Task: C:\Windows\Tasks\NONUI.job => C:\Users\kinetz07\AppData\Roaming\NONUI.exe <==== ATTENTION
C:\Program Files (x86)\uunisalleS
C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\kprocesshacker.sys
C:\Users\kinetz07\AppData\Roaming\NONUI.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#6
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

This is for the fix log.
 

Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by kinetz07 at 2015-06-27 19:34:02 Run:1
Running from C:\Users\kinetz07\Downloads
Loaded Profiles: kinetz07 (Available Profiles: kinetz07)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.x64.dll No File
BHO-x32: uunisalleS -> {882c9713-bb16-4cf6-9171-93c7545aaeb3} -> C:\Program Files (x86)\uunisalleS\NaX1zSt2xp08JW.dll No File
R2 VSSS; C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101632704 2015-06-23] (Microsoft Corporation) [File not signed]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
2015-06-27 15:37 - 2015-06-27 15:37 - 01415680 _____ (wj32) C:\Program Files\Y02102RA.exe
2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\YUTSURJH.exe
2015-06-27 15:29 - 2015-06-27 15:29 - 01415680 _____ (wj32) C:\Program Files\K4FT4FTT.exe
2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\GEEC93TO.exe
2015-06-27 13:51 - 2015-06-27 13:51 - 01415680 _____ (wj32) C:\Program Files\AADA30XW.exe
2015-06-27 12:27 - 2015-06-27 12:27 - 01415680 _____ (wj32) C:\Program Files\9545475U.exe
2015-06-27 12:19 - 2015-06-27 12:19 - 01415680 _____ (wj32) C:\Program Files\EEBEHH9N.exe
2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\HHCB84YE.exe
2015-06-27 11:28 - 2015-06-27 11:28 - 01415680 _____ (wj32) C:\Program Files\B850WKKE.exe
2015-06-27 10:41 - 2015-06-27 10:41 - 01415680 _____ (wj32) C:\Program Files\A633369F.exe
2015-06-27 10:39 - 2015-06-27 10:39 - 01415680 _____ (wj32) C:\Program Files\MLKJFCBA.exe
2015-06-27 10:05 - 2015-06-27 10:05 - 01415680 _____ (wj32) C:\Program Files\IHDC8OKH.exe
2015-06-27 00:22 - 2015-06-27 00:22 - 01415680 _____ (wj32) C:\Program Files\9LYDMTVC.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\KJIHGCBD.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\JCEEB9B5.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\8376A7BZ.exe
2015-06-27 00:20 - 2015-06-27 00:20 - 01415680 _____ (wj32) C:\Program Files\6246899Y.exe
2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\TWKJMMKU.exe
2015-06-26 16:45 - 2015-06-26 16:45 - 01415680 _____ (wj32) C:\Program Files\SUWVWY0S.exe
2015-06-26 13:57 - 2012-02-10 20:09 - 02704896 _____ C:\Users\kinetz07\Desktop\TWO-STOREY.xls
2015-06-26 13:20 - 2015-06-26 13:20 - 01415680 _____ (wj32) C:\Program Files\VUUWWXZH.exe
2015-06-26 10:39 - 2015-06-26 10:39 - 01415680 _____ (wj32) C:\Program Files\PRMFHCEB.exe
2015-06-26 10:24 - 2015-06-26 10:24 - 01415680 _____ (wj32) C:\Program Files\WYUWSUSO.exe
2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\SLIF6FNI.exe
2015-06-26 10:23 - 2015-06-26 10:23 - 01415680 _____ (wj32) C:\Program Files\475430XJ.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\WFY9R8K0.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\LORSVTKV.exe
2015-06-26 10:20 - 2015-06-26 10:20 - 01415680 _____ (wj32) C:\Program Files\8A7979IF.exe
2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\PRLNIKID.exe
2015-06-25 16:19 - 2015-06-25 16:19 - 01415680 _____ (wj32) C:\Program Files\N2KZHYH0.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\YVRUUROJ.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\HKNKNKS3.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\7995022V.exe
2015-06-25 10:08 - 2015-06-25 10:08 - 01415680 _____ (wj32) C:\Program Files\25889AC8.exe
2015-06-24 18:11 - 2015-06-24 18:11 - 01415680 _____ (wj32) C:\Program Files\VUWVXFUR.exe
2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\I1K1CVDA.exe
2015-06-24 18:10 - 2015-06-24 18:10 - 01415680 _____ (wj32) C:\Program Files\35XRKA09.exe
2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\TMIET5FC.exe
2015-06-24 13:56 - 2015-06-24 13:56 - 01415680 _____ (wj32) C:\Program Files\51YS6IUH.exe
2015-06-24 13:29 - 2015-06-24 13:29 - 01415680 _____ (wj32) C:\Program Files\5213212B.exe
2015-06-24 13:26 - 2015-06-24 13:26 - 01415680 _____ (wj32) C:\Program Files\A8CA53YY.exe
2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\UXX0Z24X.exe
2015-06-24 10:03 - 2015-06-24 10:03 - 01415680 _____ (wj32) C:\Program Files\EHEFIIH8.exe
2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VXTVTVTM.exe
2015-06-23 21:21 - 2015-06-23 21:21 - 01415680 _____ (wj32) C:\Program Files\VWXVWRL5.exe
2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\LNMONMIA.exe
2015-06-23 16:00 - 2015-06-23 16:00 - 01415680 _____ (wj32) C:\Program Files\GIKMFHIX.exe
2015-06-23 15:59 - 2015-06-23 15:59 - 01415680 _____ (wj32) C:\Program Files\8T2N2N7G.exe
2015-03-20 21:10 - 2014-10-29 09:52 - 75362304 ___SH () C:\ProgramData\msvez.exe
Task: {E83ACF20-55EB-4B46-86D6-804F439FC41C} - System32\Tasks\NONUI => C:\Users\kinetz07\AppData\Roaming\NONUI.exe [2015-02-07] () <==== ATTENTION
Task: C:\Windows\Tasks\NONUI.job => C:\Users\kinetz07\AppData\Roaming\NONUI.exe <==== ATTENTION
C:\Program Files (x86)\uunisalleS
C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\kprocesshacker.sys
C:\Users\kinetz07\AppData\Roaming\NONUI.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Error: (0) Failed to create a restore point.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{882c9713-bb16-4cf6-9171-93c7545aaeb3}" => key removed successfully
"HKCR\CLSID\{882c9713-bb16-4cf6-9171-93c7545aaeb3}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{882c9713-bb16-4cf6-9171-93c7545aaeb3}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{882c9713-bb16-4cf6-9171-93c7545aaeb3}" => key removed successfully
VSSS => Unable to stop service.
VSSS => Service removed successfully
KProcessHacker2 => Unable to stop service.
KProcessHacker2 => Service removed successfully
C:\Program Files\Y02102RA.exe => moved successfully.
C:\Program Files\YUTSURJH.exe => moved successfully.
C:\Program Files\K4FT4FTT.exe => moved successfully.
C:\Program Files\GEEC93TO.exe => moved successfully.
C:\Program Files\AADA30XW.exe => moved successfully.
C:\Program Files\9545475U.exe => moved successfully.
C:\Program Files\EEBEHH9N.exe => moved successfully.
C:\Program Files\HHCB84YE.exe => moved successfully.
C:\Program Files\B850WKKE.exe => moved successfully.
C:\Program Files\A633369F.exe => moved successfully.
C:\Program Files\MLKJFCBA.exe => moved successfully.
C:\Program Files\IHDC8OKH.exe => moved successfully.
C:\Program Files\9LYDMTVC.exe => moved successfully.
C:\Program Files\KJIHGCBD.exe => moved successfully.
C:\Program Files\JCEEB9B5.exe => moved successfully.
C:\Program Files\8376A7BZ.exe => moved successfully.
C:\Program Files\6246899Y.exe => moved successfully.
C:\Program Files\TWKJMMKU.exe => moved successfully.
C:\Program Files\SUWVWY0S.exe => moved successfully.
C:\Users\kinetz07\Desktop\TWO-STOREY.xls => moved successfully.
C:\Program Files\VUUWWXZH.exe => moved successfully.
C:\Program Files\PRMFHCEB.exe => moved successfully.
C:\Program Files\WYUWSUSO.exe => moved successfully.
C:\Program Files\SLIF6FNI.exe => moved successfully.
C:\Program Files\475430XJ.exe => moved successfully.
C:\Program Files\WFY9R8K0.exe => moved successfully.
C:\Program Files\LORSVTKV.exe => moved successfully.
C:\Program Files\8A7979IF.exe => moved successfully.
C:\Program Files\PRLNIKID.exe => moved successfully.
C:\Program Files\N2KZHYH0.exe => moved successfully.
C:\Program Files\YVRUUROJ.exe => moved successfully.
C:\Program Files\HKNKNKS3.exe => moved successfully.
C:\Program Files\7995022V.exe => moved successfully.
C:\Program Files\25889AC8.exe => moved successfully.
C:\Program Files\VUWVXFUR.exe => moved successfully.
C:\Program Files\I1K1CVDA.exe => moved successfully.
C:\Program Files\35XRKA09.exe => moved successfully.
C:\Program Files\TMIET5FC.exe => moved successfully.
C:\Program Files\51YS6IUH.exe => moved successfully.
C:\Program Files\5213212B.exe => moved successfully.
C:\Program Files\A8CA53YY.exe => moved successfully.
C:\Program Files\UXX0Z24X.exe => moved successfully.
C:\Program Files\EHEFIIH8.exe => moved successfully.
C:\Program Files\VXTVTVTM.exe => moved successfully.
C:\Program Files\VWXVWRL5.exe => moved successfully.
C:\Program Files\LNMONMIA.exe => moved successfully.
C:\Program Files\GIKMFHIX.exe => moved successfully.
C:\Program Files\8T2N2N7G.exe => moved successfully.
C:\ProgramData\msvez.exe => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E83ACF20-55EB-4B46-86D6-804F439FC41C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E83ACF20-55EB-4B46-86D6-804F439FC41C}" => key removed successfully
C:\Windows\System32\Tasks\NONUI => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NONUI" => key removed successfully
C:\Windows\Tasks\NONUI.job => moved successfully.
"C:\Program Files (x86)\uunisalleS" => File/Folder not found.
C:\Users\kinetz07\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.
C:\Users\kinetz07\AppData\Roaming\NONUI.exe => moved successfully.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-934835943-2712293172-1038266425-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 2 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 19:35:14 ====

  • 0

#7
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

And this is for the adw cleaner.
 

# AdwCleaner v4.207 - Logfile created 27/06/2015 at 19:46:18
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 8.1 Connected Single Language  (x64)
# Username : kinetz07 - KINETZ
# Running from : C:\Users\kinetz07\Downloads\adwcleaner_4.207.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\MailUpdate
Folder Deleted : C:\ProgramData\9309352693970926565
Folder Deleted : C:\ProgramData\{8f28bcc9-636d-d2db-8f28-8bcc9636f325}
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Program Files (x86)\UniDealsi
Folder Deleted : C:\Users\kinetz07\AppData\Local\globalUpdate
Folder Deleted : C:\Users\kinetz07\AppData\Local\pokki
Folder Deleted : C:\Users\kinetz07\AppData\Roaming\RHEng
Folder Deleted : C:\Users\kinetz07\AppData\Roaming\MailUpdate
File Deleted : C:\Users\kinetz07\AppData\Roaming\NONUI
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgbcffenncokfocljomejddmgcpppjom
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\AIM Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\linkeyproject.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.linkeyproject.com
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.130
 
[C:\Users\kinetz07\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://ph.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
 
-\\ Opera v0.0.0.0
 
 
*************************
 
AdwCleaner[R0].txt - [6027 bytes] - [27/06/2015 19:41:37]
AdwCleaner[S0].txt - [5536 bytes] - [27/06/2015 19:46:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5595  bytes] ##########

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now? What problems remain?
  • 0

#9
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thank you so much! The anti virus is working now!


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems before I tidy up?
  • 0


#11
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

There's no more problem regarding the anti virus; it's completely running. Thank you. I have another problem but I think it does not involve malware.


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is that?
  • 0

#13
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Oh, I have another question. The white flag on the system tray. It's not appearing anymore.


  • 0

#14
kinetz07

kinetz07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

It's about explorer.exe; it freezes sometimes, and when that happens I need to run it manually.


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is that now hidden? Is there a small up arrow there? If so, click that.
  • 0





