This topic is locked
Hi ! Need Help ASAP !
My AV (Avira) services won't run, so i uninstall it for now, here's the log text :
==========FRST.txt==========
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by ACER (administrator) on ACER-PC on 30-06-2015 11:47:48
Running from C:\Users\ACER\Desktop
Loaded Profiles: ACER (Available Profiles: ACER)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(INNORIX) C:\Windows\System32\innosvcd.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Users\ACER\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
() D:\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
() C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
(Skillbrains) C:\Users\ACER\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
() D:\Garena Plus\GarenaMessenger.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2013-09-28] ()
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [ACSW18EN] => C:\Program Files\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe [1470224 2014-09-17] (ACD Systems)
HKLM\...\Policies\Explorer\Run: [99016089] => C:\ProgramData\msrkbj.exe [94437376 2009-07-14] ()
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3392920 2011-07-07] (Tonec Inc.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [LightShot] => C:\Users\ACER\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [ACDSeeCommander18] => C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe [1964552 2014-09-20] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [Dropbox Update] => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [GarenaPlus] => D:\Garena Plus\GarenaMessenger.exe [9981888 2015-06-17] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: F - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {1a77d288-df2d-11e4-a9b4-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b62066b-29da-11e3-8a8f-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b6206cf-29da-11e3-8a8f-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ec8e-cdd8-11e4-909d-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ec9f-cdd8-11e4-909d-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ecaa-cdd8-11e4-909d-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea1ec-4204-11e3-8b14-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea1fb-4204-11e3-8b14-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea21d-4204-11e3-8b14-00262d81a167} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a61-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a65-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a79-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {912977b9-452f-11e3-a794-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2013-10-01]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2011-05-30] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-137345057-628329502-1556354402-1000] => http=127.0.0.1:8888
HKU\S-1-5-21-137345057-628329502-1556354402-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://plasa.msn.com...opt=0&ocid=iehp
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-04-09] (IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09] (Oracle Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-137345057-628329502-1556354402-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{26FB0689-60CF-4DA7-876D-AFC842AC7DB6}: [DhcpNameServer] 50.23.239.24 208.67.222.222
Tcpip\..\Interfaces\{437DB111-52F1-4DD9-97BD-3AD33B92EC69}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F551EE0-19FF-4EAB-A839-F04500679B43}: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default
FF Homepage: https://www.google.co.id/
FF NetworkProxy: "backup.ftp", "66.35.68.146"
FF NetworkProxy: "backup.ftp_port", 3127
FF NetworkProxy: "backup.socks", "66.35.68.146"
FF NetworkProxy: "backup.socks_port", 3127
FF NetworkProxy: "backup.ssl", "66.35.68.146"
FF NetworkProxy: "backup.ssl_port", 3127
FF NetworkProxy: "ftp", "118.233.139.108"
FF NetworkProxy: "ftp_port", 8088
FF NetworkProxy: "gopher", "118.233.139.108"
FF NetworkProxy: "gopher_port", 8088
FF NetworkProxy: "http", "118.233.139.108"
FF NetworkProxy: "http_port", 8088
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "118.233.139.108"
FF NetworkProxy: "socks_port", 8088
FF NetworkProxy: "ssl", "118.233.139.108"
FF NetworkProxy: "ssl_port", 8088
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @innorix.com/innogmp -> C:\Program Files\INNORIX\npinnogmp.dll [2013-04-04] (INNORIX)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> D:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-05-27] ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-137345057-628329502-1556354402-1000: @innorix.com/innogmp -> C:\Program Files\INNORIX\npinnogmp.dll [2013-04-04] (INNORIX)
FF Plugin HKU\S-1-5-21-137345057-628329502-1556354402-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ACER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-22] (Unity Technologies ApS)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2015-04-09]
FF Extension: iMacros for Firefox - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-05-29]
FF Extension: Best Proxy Switcher - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2014-09-13]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2014-12-26]
FF HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5 [2012-12-08]
FF HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MEGA) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-03-14]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-29]
CHR Extension: (Authy) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-12-13]
CHR Extension: (Hola Better Internet) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Innosvcd; C:\Windows\system32\innosvcd.exe [193144 2013-04-04] (INNORIX)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 npggsvc; C:\Windows\system32\GameMon.des [3431664 2014-08-18] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 VSSS; C:\Users\ACER\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101905984 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [X]
S2 Mobizen plugin; D:\Program Files\RSUPPORT\MobizenService\MobizenService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 busenum; C:\Windows\System32\DRIVERS\SteelBus.sys [124928 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
S3 KProcessHacker2; C:\Program Files\kprocesshacker.sys [0 2015-06-29] () <==== ATTENTION (zero byte File/Folder)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [23552 2014-04-25] (The OpenVPN Project)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2011-09-02] ()
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham.sys [35456 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2014-03-12] (The OpenVPN Project)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2014-12-15] (TeamViewer GmbH)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 11:47 - 2015-06-30 11:49 - 00020188 _____ C:\Users\ACER\Desktop\FRST.txt
2015-06-30 11:47 - 2015-06-30 11:47 - 00000000 ____D C:\FRST
2015-06-30 11:46 - 2015-06-30 11:46 - 01636352 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2015-06-30 04:40 - 2015-06-30 04:40 - 00000698 _____ C:\Users\Public\Desktop\PointBlank Garena.lnk
2015-06-30 00:02 - 2015-06-30 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2015-06-30 00:02 - 2015-06-30 00:02 - 00000580 _____ C:\Users\Public\Desktop\Garena+.lnk
2015-06-29 23:33 - 2015-06-29 23:46 - 76436560 _____ C:\Users\ACER\Desktop\Garena+_Install_id.exe
2015-06-29 19:07 - 2015-06-29 19:08 - 00000000 _____ C:\Program Files\kprocesshacker.sys
2015-06-29 19:07 - 2015-06-29 19:07 - 01169408 _____ (wj32) C:\Program Files\209IRPYO.exe
2015-06-29 19:07 - 2015-06-29 19:07 - 01169408 _____ (wj32) C:\Program Files\0Y7GPNWM.exe
2015-06-29 13:05 - 2015-06-29 23:34 - 00000000 ____D C:\Users\ACER\Desktop\PSD FILE
2015-06-28 15:45 - 2015-06-28 15:45 - 00000000 ___HD C:\Users\ACER\Desktop\[Originals]
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\X64DMVTU.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\W5ENLU37.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\NW5ECLUY.exe
2015-06-28 15:15 - 2015-06-28 15:15 - 01169408 _____ (wj32) C:\Program Files\Y7GPNW59.exe
2015-06-27 12:52 - 2015-06-27 12:52 - 01169408 _____ (wj32) C:\Program Files\IR097GPT.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\KZ8HFOX1.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\9IR0Y7X1.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\4DMVT2BF.exe
2015-06-26 21:49 - 2015-06-26 21:49 - 01169408 _____ (wj32) C:\Program Files\LUS1A8HA.exe
2015-06-26 21:48 - 2015-06-26 21:48 - 01169408 _____ (wj32) C:\Program Files\CLU31AJN.exe
2015-06-25 04:31 - 2015-06-25 04:31 - 00000000 ____D C:\Users\ACER\Documents\BlackSquad
2015-06-23 19:14 - 2015-06-23 22:03 - 806237289 _____ C:\Users\ACER\Desktop\Samsung_Galaxy_Tab_2_7.0_3G_WiFi_GT-P3100_Stock_ROM_P3100XXCME2_XSE_Indonesia_4.1.2_Jelly_Bean_MrCrab.Net.zip
2015-06-23 18:31 - 2015-06-23 18:31 - 00000000 ____D C:\Users\ACER\Desktop\Odin_v3.07
2015-06-23 18:30 - 2015-06-23 18:31 - 00464968 _____ C:\Users\ACER\Desktop\Odin_v3.07.zip
2015-06-23 14:47 - 2015-06-23 14:47 - 01169408 _____ (wj32) C:\Program Files\TMF81U71.exe
2015-06-23 14:46 - 2015-06-23 14:46 - 01169408 _____ (wj32) C:\Program Files\VWX9ABCJ.exe
2015-06-22 11:10 - 2015-06-22 11:10 - 00146456 _____ C:\Windows\Minidump\062215-24070-01.dmp
2015-06-22 05:31 - 2015-06-30 00:06 - 00000000 ____D C:\Users\ACER\Desktop\psx
2015-06-22 05:21 - 2015-06-22 05:21 - 00000000 ____D C:\Users\ACER\AppData\Roaming\fltk.org
2015-06-22 05:18 - 2015-06-22 05:20 - 07918643 _____ C:\Users\ACER\Desktop\Epsxe1.90(bios and plugin include).rar
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\Program Files\DiskInternals
2015-06-21 23:04 - 1970-01-01 06:59 - 331767326 ____N C:\Users\ACER\Desktop\silent_hill_.zip
2015-06-20 16:55 - 2015-06-20 16:55 - 00000935 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-06-20 16:28 - 2015-06-20 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-20 16:28 - 2015-06-20 16:28 - 00000000 ____D C:\Program Files\7-Zip
2015-06-19 23:40 - 2015-06-19 23:40 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 23:39 - 2015-06-30 11:44 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA.job
2015-06-19 23:39 - 2015-06-29 23:44 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core.job
2015-06-19 23:39 - 2015-06-19 23:39 - 00000000 ____D C:\Users\ACER\AppData\Local\Dropbox
2015-06-19 23:39 - 2015-06-19 23:39 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-05 20:33 - 2015-06-07 22:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-02 09:37 - 2015-06-02 09:37 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 11:42 - 2014-05-30 18:28 - 00000000 ___RD C:\Users\ACER\Dropbox
2015-06-30 11:41 - 2014-05-30 18:15 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Dropbox
2015-06-30 11:38 - 2009-07-14 09:37 - 00000000 ____D C:\Windows\tracing
2015-06-30 11:34 - 2014-05-06 15:40 - 00000000 ____D C:\Users\ACER\AppData\Roaming\GarenaPlus
2015-06-30 11:34 - 2014-05-06 14:19 - 00000000 ____D C:\ProgramData\GarenaMessenger
2015-06-30 11:33 - 2012-12-08 23:36 - 01198132 _____ C:\Windows\WindowsUpdate.log
2015-06-30 11:29 - 2014-03-09 17:22 - 00104760 _____ C:\Windows\setupact.log
2015-06-30 11:29 - 2014-01-01 20:54 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 11:29 - 2013-10-31 15:51 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-30 11:29 - 2013-09-28 22:30 - 00135712 _____ C:\Users\ACER\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 11:29 - 2009-07-14 11:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 11:29 - 2009-07-14 11:33 - 03887664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 11:28 - 2014-05-21 16:34 - 00385166 _____ C:\Windows\PFRO.log
2015-06-30 11:18 - 2015-01-04 15:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-30 10:56 - 2014-01-01 20:54 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 10:52 - 2012-12-08 09:24 - 00000000 ____D C:\Users\ACER\AppData\Roaming\DMCache
2015-06-30 10:24 - 2013-10-01 17:22 - 00000000 ____D C:\ProgramData\Avira
2015-06-30 10:24 - 2013-10-01 17:22 - 00000000 ____D C:\Program Files\Avira
2015-06-30 10:15 - 2013-10-01 18:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-30 10:12 - 2015-03-06 13:10 - 00000000 ____D C:\Users\ACER\AppData\Roaming\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:10 - 00000000 ____D C:\Users\ACER\AppData\Local\SteelSeries_ApS
2015-06-30 10:12 - 2015-03-06 13:09 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:09 - 00000000 ____D C:\ProgramData\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:08 - 00000000 ____D C:\Program Files\SteelSeries
2015-06-30 10:10 - 2013-10-31 15:44 - 00000000 ____D C:\ProgramData\DatacardService
2015-06-26 22:38 - 2012-12-08 09:08 - 00000000 ____D C:\Program Files\Internet Download Manager
2015-06-26 21:51 - 2014-05-19 16:50 - 00000000 ____D C:\ProgramData\ProductData
2015-06-25 04:31 - 2013-10-01 21:14 - 00000000 ____D C:\Windows\system32\directx
2015-06-25 04:20 - 2014-02-09 11:25 - 00000000 ____D C:\Users\ACER\Downloads\Compressed
2015-06-24 18:21 - 2013-10-26 15:10 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-24 18:21 - 2012-12-08 09:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-24 00:14 - 2009-07-14 11:34 - 00013632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-24 00:14 - 2009-07-14 11:34 - 00013632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-23 15:02 - 2014-01-01 21:01 - 00002079 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 15:02 - 2012-12-08 08:59 - 00783728 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-22 11:10 - 2014-01-06 02:31 - 00000000 ____D C:\Windows\Minidump
2015-06-21 16:54 - 2012-12-08 09:05 - 00000000 ____D C:\Program Files\WinRAR
2015-06-20 17:08 - 2015-04-15 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QEON Interactive
2015-06-20 16:55 - 2012-12-08 09:05 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-20 16:55 - 2012-12-08 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 00:02 - 2014-01-19 13:25 - 09364480 ___SH C:\Users\ACER\Documents\Thumbs.db
2015-06-09 10:59 - 2012-12-08 09:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-02 09:54 - 2014-01-01 20:54 - 00000000 ____D C:\Program Files\Google
==================== Files in the root of some directories =======
2015-06-29 19:07 - 2015-06-29 19:07 - 1169408 _____ (wj32) C:\Program Files\0Y7GPNWM.exe
2015-06-29 19:07 - 2015-06-29 19:07 - 1169408 _____ (wj32) C:\Program Files\209IRPYO.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\4DMVT2BF.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\9IR0Y7X1.exe
2015-06-26 21:48 - 2015-06-26 21:48 - 1169408 _____ (wj32) C:\Program Files\CLU31AJN.exe
2015-06-27 12:52 - 2015-06-27 12:52 - 1169408 _____ (wj32) C:\Program Files\IR097GPT.exe
2015-06-29 19:07 - 2015-06-29 19:08 - 0000000 _____ () C:\Program Files\kprocesshacker.sys
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\KZ8HFOX1.exe
2015-06-26 21:49 - 2015-06-26 21:49 - 1169408 _____ (wj32) C:\Program Files\LUS1A8HA.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\NW5ECLUY.exe
2015-06-23 14:47 - 2015-06-23 14:47 - 1169408 _____ (wj32) C:\Program Files\TMF81U71.exe
2015-06-23 14:46 - 2015-06-23 14:46 - 1169408 _____ (wj32) C:\Program Files\VWX9ABCJ.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\W5ENLU37.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\X64DMVTU.exe
2015-06-28 15:15 - 2015-06-28 15:15 - 1169408 _____ (wj32) C:\Program Files\Y7GPNW59.exe
2015-03-06 14:00 - 2015-03-06 14:00 - 0000132 _____ () C:\Users\ACER\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-01-13 20:00 - 2015-03-21 11:56 - 0018432 _____ () C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-03 14:17 - 2014-01-03 14:18 - 1065984 _____ () C:\Users\ACER\AppData\Local\file__0.localstorage
2013-12-31 15:21 - 2013-12-31 15:21 - 0000003 _____ () C:\Users\ACER\AppData\Local\updater.log
2013-12-31 15:21 - 2013-12-31 15:21 - 0000439 _____ () C:\Users\ACER\AppData\Local\UserProducts.xml
2009-07-14 06:31 - 2009-07-14 08:14 - 94437376 ___SH () C:\ProgramData\msrkbj.exe
Files to move or delete:
====================
C:\ProgramData\msrkbj.exe
Some files in TEMP:
====================
C:\Users\ACER\AppData\Local\Temp\82b08d187185e515ee0c604d58974f4f.dll
C:\Users\ACER\AppData\Local\Temp\avgnt.exe
C:\Users\ACER\AppData\Local\Temp\AviraSetup1038202.exe
C:\Users\ACER\AppData\Local\Temp\AviraSetup1217416.exe
C:\Users\ACER\AppData\Local\Temp\c8eb790646128f34aa04a36111aca8cf.dll
C:\Users\ACER\AppData\Local\Temp\cdo1712827442.dll
C:\Users\ACER\AppData\Local\Temp\cdo199742513.dll
C:\Users\ACER\AppData\Local\Temp\cdo2646658657.dll
C:\Users\ACER\AppData\Local\Temp\cdo3397087437.dll
C:\Users\ACER\AppData\Local\Temp\cdo3442417807.dll
C:\Users\ACER\AppData\Local\Temp\cdo397786333.dll
C:\Users\ACER\AppData\Local\Temp\cdo4036022095.dll
C:\Users\ACER\AppData\Local\Temp\cihYClUrnxVroERadnRE.DLL
C:\Users\ACER\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\ACER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rmk_b.dll
C:\Users\ACER\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\ACER\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\ACER\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\ACER\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\ACER\AppData\Local\Temp\lcHKlajrqLqBqGpWAVdW.DLL
C:\Users\ACER\AppData\Local\Temp\MSETUP4.EXE
C:\Users\ACER\AppData\Local\Temp\ochelper.exe
C:\Users\ACER\AppData\Local\Temp\ResetDevice.exe
C:\Users\ACER\AppData\Local\Temp\SRLDetectionLibrary8251649217104690228.dll
C:\Users\ACER\AppData\Local\Temp\SRLDetectionLibrary8908630880232439233.dll
C:\Users\ACER\AppData\Local\Temp\suYlugyAfLtOcWlzulvi.DLL
C:\Users\ACER\AppData\Local\Temp\Uninstall.exe
C:\Users\ACER\AppData\Local\Temp\x2blapi.dll
C:\Users\ACER\AppData\Local\Temp\xdelta3-3.0.8.x86-32.exe
C:\Users\ACER\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-23 01:24
==================== End of log ============================
--------------------Addition.txt----------------------------------
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by ACER at 2015-06-30 11:49:47
Running from C:\Users\ACER\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
ACER (S-1-5-21-137345057-628329502-1556354402-1000 - Administrator - Enabled) => C:\Users\ACER
Administrator (S-1-5-21-137345057-628329502-1556354402-500 - Administrator - Disabled)
Guest (S-1-5-21-137345057-628329502-1556354402-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-137345057-628329502-1556354402-1010 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.05 beta (HKLM\...\7-Zip) (Version: - )
ACDSee 10 Photo Manager (HKLM\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
ACDSee 18 (HKLM\...\{6D0F6DF4-553E-43CD-AA95-69AB3644A8FF}) (Version: 18.0.0.225 - ACD Systems International Inc.)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ASUS Flash Tool (HKLM\...\ASUS Flash Tool) (Version: 1.0.0.7 - ASUS)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Ayat (HKLM\...\sa.edu.ksa.ayat) (Version: 1.3.1 - UNKNOWN)
Ayat (Version: 1.3.1 - UNKNOWN) Hidden
Bloody5 (HKLM\...\Bloody3) (Version: 15.03.0012 - Bloody)
BlueStacks Notification Center (HKLM\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Boot Animation Factory (HKLM\...\{3EA00EEB-27DE-4507-AFF4-0C697A20C37B}) (Version: 1.4.1.0 - D01 MicroApps)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon MP230 series On-screen Manual (HKLM\...\Canon MP230 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Dropbox (HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
FileZilla Client 3.10.2 (HKLM\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Garena - PointBlank ID (HKLM\...\PBID) (Version: - Garena Online Pte Ltd.)
Garena+ (HKLM\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HexEdit (HKLM\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 3.1.1.86 - Intel Corporation)
Internet Download Manager (HKLM\...\{9E60329C-A602-4C4C-9D47-C80D5807DAAD}) (Version: 6.7.1.1 - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
IsoTools (HKLM\...\{E53520BA-ECDA-42A6-8971-E96CBDD8523D}) (Version: 1.34.34.0 - 3K3Y Team)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Codec Pack 6.5.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 6.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Launch Manager (HKLM\...\LManager) (Version: 3.0.04 - Acer Inc.)
lightshot-4.4.2.10 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.10 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version: - MiniTool Solution Ltd.)
MKVToolNix 7.3.0 (32bit) (HKLM\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
ModooMarble (Remove only) (HKLM\...\{7B2562F1-02DC-415F-8960-446E64BE9BBE}_is1) (Version: 1.0 - PT.CJ Internet Indonesia)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Rainmeter (HKLM\...\Rainmeter) (Version: 3.2 beta r2318 - )
Real Poker (HKLM\...\RealPoker_is1) (Version: 1.0 - Media Contact LLC)
SketchUp 2015 (HKLM\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited)
SPSS Statistics 17.0 (HKLM\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{140216F8-F102-4454-9895-55AC15B1109A}) (Version: 6.1.1.0 - Husdawg, LLC)
Unity Web Player (HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Vegas Pro 11.0 (HKLM\...\{B5B98340-0296-11E2-8B8E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.5 - Nullsoft, Inc)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YTD Video Downloader 4.8.9 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ACER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
07-06-2015 13:56:30 Scheduled Checkpoint
17-06-2015 23:32:04 Scheduled Checkpoint
25-06-2015 05:26:07 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:04 - 2015-02-23 18:19 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 acdid.acdsystems.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00A2B098-B8BC-455A-A47B-F33283DB1884} - System32\Tasks\{F04F1A09-8426-441D-9D4D-2D1C1DB66E01} => D:\Fear 2\FEAR2.exe
Task: {055EF623-2FD7-4FD4-86B1-F881A10915D7} - System32\Tasks\{5733727A-9887-42AE-9C83-81B943D28961} => D:\Fear 2\FEAR2.exe
Task: {0A379F3F-8A68-4F35-ACCB-BCDFE2711918} - System32\Tasks\Uninstaller_SkipUac_ACER => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {1562B2AB-8E80-40CA-BDFF-42642264BA6D} - System32\Tasks\{93192681-8DC3-4527-A385-672F97806AA0} => D:\game\PS3\PSN.PKG.Decryptor.&.Extractor.v1.74a-LMAN\PSNPKGDecryptor&Extractor.exe
Task: {168295A1-82BF-4D95-9342-4B0FB8173AD9} - System32\Tasks\{CE9ACC3B-9794-4B9D-978A-823E10A84A4A} => D:\Fear 2\FEAR2.exe
Task: {1779B923-E1DE-4BCB-8372-F97DBA1B3D7B} - System32\Tasks\{ABA375E3-D0B1-48BB-9F17-6C8BAF135BC6} => D:\Fear 2\FEAR2.exe
Task: {1B6DAB07-4974-45A4-981F-71EE8EBD9563} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1CA3EED6-7C0E-493C-96DF-411983F0EF13} - System32\Tasks\Alarm => C:\Users\ACER\Documents\Alarm.mp3 [2015-02-24] ()
Task: {20312749-BBC5-4674-83D1-0E79A106C445} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {34568747-0008-44C1-B8BB-E4AE66833547} - System32\Tasks\{F8FF04D3-1BCB-44DF-8FDC-3020D73147E7} => D:\Fear 2\FEAR2.exe
Task: {45E33CAC-4CB4-457F-8773-F2BBE4FBC8D9} - System32\Tasks\{689EE1B2-718F-4A81-B379-CB564EC8C8A1} => pcalua.exe -a "D:\Left4Theft_V31\Left 4 Theft Setup V31.exe" -d D:\Left4Theft_V31
Task: {4AA573B1-6E49-4E40-96B4-CF1B06E0F4A6} - System32\Tasks\{D84334BA-80F6-44D1-B2B2-CDA37DADAE0B} => D:\Fear 2\FEAR2.exe
Task: {4BE9AA24-1591-480E-A708-EFE17D9BE609} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {5105898C-CEA5-46CC-B8DA-1BDCB23943D1} - System32\Tasks\{E0AB7928-CEC2-48EA-A517-160A1AD45E33} => D:\Fear 2\FEAR2.exe
Task: {5C125294-7F7B-4EC2-A22B-C129C3837FCE} - System32\Tasks\{6D571D1E-CCB8-4E63-9FCC-168B47FBA2F5} => pcalua.exe -a "D:\Left4Theft_V31\Left4Theft_MP1\Left 4 Theft MP1.exe" -d D:\Left4Theft_V31\Left4Theft_MP1
Task: {5C2FE2B5-2482-4F32-94F6-7ED255D39E7D} - System32\Tasks\{BA271178-F14D-4235-9AD1-F399F619179B} => pcalua.exe -a "D:\Cross Fire Indonesia\Uninstal.exe" -d "D:\Cross Fire Indonesia"
Task: {6BBE2BD7-E61C-49F9-8CC3-97E8E30DB2F3} - System32\Tasks\update-S-1-5-21-137345057-628329502-1556354402-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {6C989741-E665-4C23-8262-C7DCE6D96CC0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {6D886FB6-F91C-4A11-A2DE-F2039A7ED771} - System32\Tasks\{6B72AD08-C3C2-42AA-8B7D-B94C30B71A50} => D:\Fear 2\FEAR2.exe
Task: {89958C84-A438-47FA-8149-32B1CB4BE354} - System32\Tasks\TunnelBear => C:\Program Files\TunnelBear\TBear.Client.exe
Task: {9444026E-343A-4143-9C14-707A24F0D0A1} - System32\Tasks\gg_uac_daemon_ACER => D:\Garena Plus\ggdllhost.exe [2015-06-17] ()
Task: {9E4E07A8-90BB-422D-AF28-C634FF03F186} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {A689DAC5-1D60-4D1C-A0F1-20AF30C6B5D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {BC8A43D6-980B-4BE6-B125-764409E71474} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {D8A0C37E-FC27-45FD-B478-56D574DCF286} - System32\Tasks\{26B36F2E-35B4-47A2-A8A3-457AAB8418BB} => pcalua.exe -a "D:\Left4Theft_V31\Left4Theft_MP2\Left 4 Theft MP2.exe" -d D:\Left4Theft_V31\Left4Theft_MP2
Task: {E49AF894-9C35-4D55-9748-27058EF3F953} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core.job => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA.job => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-137345057-628329502-1556354402-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 03:30 - 2015-03-03 03:30 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2007-05-11 00:50 - 2007-05-11 00:50 - 00017024 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll
2014-05-12 16:49 - 2014-05-12 16:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2012-12-08 09:13 - 2005-08-08 12:54 - 00167936 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-06-17 21:19 - 2015-06-17 21:19 - 00056256 _____ () D:\Garena Plus\ggdllhost.exe
2015-06-17 21:20 - 2015-06-17 21:20 - 00865728 _____ () D:\Garena Plus\ggspawn.dll
2013-09-28 23:08 - 2013-09-28 23:07 - 00200704 _____ () C:\Windows\PLFSetI.exe
2014-09-20 02:51 - 2014-09-20 02:51 - 01964552 _____ () C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
2015-06-17 21:18 - 2015-06-17 21:18 - 09981888 _____ () D:\Garena Plus\GarenaMessenger.exe
2015-06-17 21:19 - 2015-06-17 21:19 - 00111552 _____ () D:\Garena Plus\CommonLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00040384 _____ () D:\Garena Plus\DibModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00034752 _____ () D:\Garena Plus\VersionModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00058304 _____ () D:\Garena Plus\FileLoader.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00094144 _____ () D:\Garena Plus\PluginKernel.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00494016 _____ () D:\Garena Plus\CxImage.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00032192 _____ () D:\Garena Plus\PluginModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00177600 _____ () D:\Garena Plus\lib\fs\YYFileSystem.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00380864 _____ () D:\Garena Plus\lib\Http.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00191424 _____ () D:\Garena Plus\lib\MP3Module.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00162304 _____ () D:\Garena Plus\lame_enc.DLL
2015-06-17 21:20 - 2015-06-17 21:20 - 00226752 _____ () D:\Garena Plus\lib\TaskManagerLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00113088 _____ () D:\Garena Plus\lib\UILayout.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00965056 _____ () D:\Garena Plus\lib\XLL.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00061888 _____ () D:\Garena Plus\lib\XmlUIModule.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00573100 _____ () D:\Garena Plus\sqlite3.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00231360 _____ () D:\Garena Plus\Plugins\StatsPlugin.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 01250752 _____ () D:\Garena Plus\Plugins\ggplugin.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00199616 _____ () D:\Garena Plus\ImageModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00162240 _____ () D:\Garena Plus\libmpg123.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 02948032 _____ () D:\Garena Plus\ggdownloader.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00072640 _____ () D:\Garena Plus\lib\delay_load\AudioMixerLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00023488 _____ () D:\Garena Plus\lib\delay_load\ClientTcp.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 01552320 _____ () D:\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 12:42 - 2013-02-01 12:42 - 00153088 _____ () D:\Garena Plus\libzmq.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00963008 _____ () D:\Garena Plus\lib\delay_load\GaFileTransfer.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00251840 _____ () D:\Garena Plus\lib\delay_load\MediaEngine.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00033216 _____ () D:\Garena Plus\ServerMemAlloc.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00523712 _____ () D:\Garena Plus\lib\delay_load\RSALib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00075200 _____ () D:\Garena Plus\lib\delay_load\UdtLib.dll
2014-09-10 04:27 - 2014-09-10 04:27 - 00036024 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-10 04:27 - 2014-09-10 04:27 - 00608440 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-10 04:25 - 2014-09-10 04:25 - 00046080 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2015-04-09 14:30 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2015-04-09 14:30 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2015-04-09 14:30 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-06-23 15:02 - 2015-06-20 12:46 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 15:02 - 2015-06-20 12:46 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 15:02 - 2015-06-20 12:46 - 15003976 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2015-06-30 11:41 - 2015-06-30 11:41 - 00043008 _____ () c:\users\acer\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rmk_b.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00750080 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00047616 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00865280 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00200704 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00010240 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00726016 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00010240 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:BC359956
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: MobileBroadband => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: ShowBatteryBar => "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4AD307B1-61DE-4C53-9B49-72E07661AB08}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.exe
FirewallRules: [{AB5A4400-BF9C-4657-AD2A-0F13AA0BD805}] => (Allow) C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe
FirewallRules: [{4C9ABF03-1A4D-404E-AAAE-1C6A3C6FCA7D}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.com
FirewallRules: [{4CE4D118-093F-49EA-B8EE-D9E1664DF7CB}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.exe
FirewallRules: [{2720B406-74D1-42AE-9365-9D4F487240B0}] => (Allow) C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe
FirewallRules: [{16CBADA1-52B7-465A-8A16-5D69D3DE8C24}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.com
FirewallRules: [{234DBB76-E91E-4F81-B794-DB036489D7F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B555A46D-6BD3-4D7E-8888-43C5E22BC97E}] => (Allow) LPort=8370
FirewallRules: [{FF6B75ED-BE86-4300-885D-FE4518935F81}] => (Allow) LPort=8370
FirewallRules: [{1A9D9CBB-968E-4279-8B2D-A3BF8AF7D1A8}] => (Allow) LPort=6949
FirewallRules: [{6B86A66F-7EBA-4D50-9E35-1873019B74E6}] => (Allow) LPort=6949
FirewallRules: [{62207388-97ED-43C1-96B7-E287F4D6C1E7}] => (Allow) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C20A8ED-8561-478B-9B89-8199E4ECF600}] => (Allow) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0FAB1AEA-D685-42D1-AB97-87AB0F977058}] => (Allow) C:\Windows\System32\innogmp.exe
FirewallRules: [{C2905966-CA9F-47D3-8395-8A5C809A1DC5}] => (Allow) C:\Windows\System32\innogmp.exe
FirewallRules: [{A0979A2F-9D60-4287-BE60-98DAE7A12D3F}] => (Allow) C:\Windows\System32\innosvcd.exe
FirewallRules: [{8C702C9A-CC86-43B5-B785-4C42BA749E59}] => (Allow) C:\Windows\System32\innosvcd.exe
FirewallRules: [TCP Query User{CCF86A0A-32FE-462B-9517-5B5566CCADD2}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{56D844D6-6660-414B-979E-6EAB8F8A22EA}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [{3E104455-1BD1-440E-B322-4A00420C9A41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{87970848-2F13-49EE-8C27-E8E65BC5D07D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{968DF5E8-C033-4A4F-9C4A-D54FFFCD9F90}D:\game\download\win32\32\paycoin.exe] => (Allow) D:\game\download\win32\32\paycoin.exe
FirewallRules: [UDP Query User{612C984C-38C8-4CA7-BF42-812484A51CF3}D:\game\download\win32\32\paycoin.exe] => (Allow) D:\game\download\win32\32\paycoin.exe
FirewallRules: [TCP Query User{4CE70DF1-365C-424E-B3D7-C007F404A0DC}D:\program files\paycoin\paycoin.exe] => (Allow) D:\program files\paycoin\paycoin.exe
FirewallRules: [UDP Query User{2595C488-0D5B-4717-9A92-44EDA9643AB1}D:\program files\paycoin\paycoin.exe] => (Allow) D:\program files\paycoin\paycoin.exe
FirewallRules: [{D487BE74-3CF7-43B9-9876-BA706E3E3849}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E08B1569-3265-4A41-A066-5E4B973818BA}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{D72DD692-77AF-43CA-8B7C-72A78CD2BE52}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{9A8E43CA-F8E6-4826-9A3E-E507B5A97762}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [{CC91525F-6E1F-4979-A468-FB6F2DEF86AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B274C377-D69A-4181-B919-B7A903E21788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F70A66FC-9067-4FFD-8A47-FCF6EC9EDB90}C:\program files\nvidia corporation\grid workspace\grid workspace.exe] => (Allow) C:\program files\nvidia corporation\grid workspace\grid workspace.exe
FirewallRules: [UDP Query User{4646B18F-9F57-4FE4-AF3D-774C54B70F86}C:\program files\nvidia corporation\grid workspace\grid workspace.exe] => (Allow) C:\program files\nvidia corporation\grid workspace\grid workspace.exe
FirewallRules: [TCP Query User{DF9EA34B-044D-40B7-BD19-A4AA417B2D4F}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{652C831E-00F4-4B67-921B-3C3F2B72A122}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{59FD93F3-9389-44AA-9301-821C560AA094}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2E178709-0984-4F55-A44B-5E8B0417CD56}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{8E84E3CA-CEDA-4026-B0AF-F42545980E53}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{E5621807-E9A1-4F8F-9F90-874A679830E0}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{6BD0E145-C504-4747-B5CC-5D84080606C5}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{1206332F-1778-4D74-A5D5-CFA67D6111D2}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{FB4AD8B0-4B01-4681-B166-7FC5572F2C20}] => (Allow) C:\Program Files\ASUS\PC Link\pclinkservice.exe
FirewallRules: [{DE3F446A-13BE-481A-B9E8-233264DBBF6E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0E00FA52-9594-4C15-8682-487CABF3AE89}] => (Allow) D:\Gemscool\blacksquad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{E51188C4-4909-4C47-8E4D-9CA70DF789F9}] => (Allow) D:\Gemscool\blacksquad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{80FF4E5A-BD3D-47A7-9A21-C32B3358FB35}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{DC833659-FA3A-4601-ACCD-8269CF55CEA4}] => (Allow) D:\pbidInstaller.exe
FirewallRules: [{3FAFB311-F009-4A42-9457-5DD28F4D0EFC}] => (Allow) D:\pbidInstaller.exe
FirewallRules: [{44C57E81-9310-4479-9445-39CADB7740B7}] => (Allow) D:\Program Files\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{568066A1-371B-4821-A07B-31C57A7E4A5F}] => (Allow) D:\Program Files\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{C06F5B60-8D48-43C9-8A48-DA615F387FF8}] => (Allow) D:\Garena Plus\ggdllhost.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2015 11:29:19 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/30/2015 10:24:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/29/2015 07:06:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15787
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15787
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/28/2015 03:29:45 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/28/2015 03:17:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16450, time stamp: 0x4aeba271
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x6d0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (06/28/2015 03:15:09 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/27/2015 00:52:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
System errors:
=============
Error: (06/30/2015 11:29:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobizen plugin service failed to start due to the following error:
%%2
Error: (06/30/2015 11:29:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Web Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error:
%%2
Error: (06/30/2015 11:29:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira Real-Time Protection service failed to start due to the following error:
%%2
Error: (06/30/2015 11:29:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:28:04 AM on 6/30/2015 was unexpected.
Error: (06/30/2015 11:22:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Innosvcd service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 11:22:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 11:14:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (06/30/2015 10:53:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 10 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Error: (06/30/2015 10:52:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 10:52:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 10 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-12-22 20:03:05.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:58:20.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:52:59.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:34:39.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:03:30.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 1976.93 MB
Available physical RAM: 290.58 MB
Total Pagefile: 7708.75 MB
Available Pagefile: 5482.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:50.78 GB) (Free:2.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:247.3 GB) (Free:96.96 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: F6C7F6C7)
Partition 1: (Active) - (Size=50.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.3 GB) - (Type=OF Extended)
==================== End of log ============================
Thank you so much !
Edited by lonelygrimm, 29 June 2015 - 11:08 PM.
Your logs are clean and you're good to go now!! 
Just run through the steps from the Cleanup of Tools to the Program Update Checker. That's it. Thanks. 
Sign In
Create Account
