Hi! Need help ASAP!
My AV (Avira) services won't run, so I uninstalled it for now. Here's the log text:
==========FRST.txt==========
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by ACER (administrator) on ACER-PC on 30-06-2015 11:47:48
Running from C:\Users\ACER\Desktop
Loaded Profiles: ACER (Available Profiles: ACER)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(INNORIX) C:\Windows\System32\innosvcd.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Users\ACER\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
() D:\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
() C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
(Skillbrains) C:\Users\ACER\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
() D:\Garena Plus\GarenaMessenger.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2013-09-28] ()
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [ACSW18EN] => C:\Program Files\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe [1470224 2014-09-17] (ACD Systems)
HKLM\...\Policies\Explorer\Run: [99016089] => C:\ProgramData\msrkbj.exe [94437376 2009-07-14] ()
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3392920 2011-07-07] (Tonec Inc.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [LightShot] => C:\Users\ACER\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [ACDSeeCommander18] => C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe [1964552 2014-09-20] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [Dropbox Update] => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Run: [GarenaPlus] => D:\Garena Plus\GarenaMessenger.exe [9981888 2015-06-17] ()
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: F - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {1a77d288-df2d-11e4-a9b4-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b62066b-29da-11e3-8a8f-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b6206cf-29da-11e3-8a8f-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ec8e-cdd8-11e4-909d-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ec9f-cdd8-11e4-909d-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {3b85ecaa-cdd8-11e4-909d-00262d81a167} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea1ec-4204-11e3-8b14-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea1fb-4204-11e3-8b14-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {450ea21d-4204-11e3-8b14-00262d81a167} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a61-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a65-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {69078a79-e61c-11e4-8010-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\MountPoints2: {912977b9-452f-11e3-a794-00262d81a167} - F:\AutoRun.exe
HKU\S-1-5-21-137345057-628329502-1556354402-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2013-10-01]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2011-05-30] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-137345057-628329502-1556354402-1000] => http=127.0.0.1:8888
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-04-09] (IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09] (Oracle Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-137345057-628329502-1556354402-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{26FB0689-60CF-4DA7-876D-AFC842AC7DB6}: [DhcpNameServer] 50.23.239.24 208.67.222.222
Tcpip\..\Interfaces\{437DB111-52F1-4DD9-97BD-3AD33B92EC69}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9F551EE0-19FF-4EAB-A839-F04500679B43}: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default
FF NetworkProxy: "backup.ftp", "66.35.68.146"
FF NetworkProxy: "backup.ftp_port", 3127
FF NetworkProxy: "backup.socks", "66.35.68.146"
FF NetworkProxy: "backup.socks_port", 3127
FF NetworkProxy: "backup.ssl", "66.35.68.146"
FF NetworkProxy: "backup.ssl_port", 3127
FF NetworkProxy: "ftp", "118.233.139.108"
FF NetworkProxy: "ftp_port", 8088
FF NetworkProxy: "gopher", "118.233.139.108"
FF NetworkProxy: "gopher_port", 8088
FF NetworkProxy: "http", "118.233.139.108"
FF NetworkProxy: "http_port", 8088
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "118.233.139.108"
FF NetworkProxy: "socks_port", 8088
FF NetworkProxy: "ssl", "118.233.139.108"
FF NetworkProxy: "ssl_port", 8088
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @innorix.com/innogmp -> C:\Program Files\INNORIX\npinnogmp.dll [2013-04-04] (INNORIX)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> D:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-05-27] ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-137345057-628329502-1556354402-1000: @innorix.com/innogmp -> C:\Program Files\INNORIX\npinnogmp.dll [2013-04-04] (INNORIX)
FF Plugin HKU\S-1-5-21-137345057-628329502-1556354402-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ACER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-22] (Unity Technologies ApS)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2015-04-09]
FF Extension: iMacros for Firefox - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-05-29]
FF Extension: Best Proxy Switcher - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2014-09-13]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\zbmnob2u.default\Extensions\[email protected] [2014-12-26]
FF HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5 [2012-12-08]
FF HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MEGA) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-03-14]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-29]
CHR Extension: (Authy) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-12-13]
CHR Extension: (Hola Better Internet) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-01]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Innosvcd; C:\Windows\system32\innosvcd.exe [193144 2013-04-04] (INNORIX)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 npggsvc; C:\Windows\system32\GameMon.des [3431664 2014-08-18] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 VSSS; C:\Users\ACER\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101905984 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [X]
S2 Mobizen plugin; D:\Program Files\RSUPPORT\MobizenService\MobizenService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 busenum; C:\Windows\System32\DRIVERS\SteelBus.sys [124928 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
S3 KProcessHacker2; C:\Program Files\kprocesshacker.sys [0 2015-06-29] () <==== ATTENTION (zero byte File/Folder)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [23552 2014-04-25] (The OpenVPN Project)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2011-09-02] ()
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham.sys [35456 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2014-03-12] (The OpenVPN Project)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2014-12-15] (TeamViewer GmbH)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 11:47 - 2015-06-30 11:49 - 00020188 _____ C:\Users\ACER\Desktop\FRST.txt
2015-06-30 11:47 - 2015-06-30 11:47 - 00000000 ____D C:\FRST
2015-06-30 11:46 - 2015-06-30 11:46 - 01636352 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2015-06-30 04:40 - 2015-06-30 04:40 - 00000698 _____ C:\Users\Public\Desktop\PointBlank Garena.lnk
2015-06-30 00:02 - 2015-06-30 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2015-06-30 00:02 - 2015-06-30 00:02 - 00000580 _____ C:\Users\Public\Desktop\Garena+.lnk
2015-06-29 23:33 - 2015-06-29 23:46 - 76436560 _____ C:\Users\ACER\Desktop\Garena+_Install_id.exe
2015-06-29 19:07 - 2015-06-29 19:08 - 00000000 _____ C:\Program Files\kprocesshacker.sys
2015-06-29 19:07 - 2015-06-29 19:07 - 01169408 _____ (wj32) C:\Program Files\209IRPYO.exe
2015-06-29 19:07 - 2015-06-29 19:07 - 01169408 _____ (wj32) C:\Program Files\0Y7GPNWM.exe
2015-06-29 13:05 - 2015-06-29 23:34 - 00000000 ____D C:\Users\ACER\Desktop\PSD FILE
2015-06-28 15:45 - 2015-06-28 15:45 - 00000000 ___HD C:\Users\ACER\Desktop\[Originals]
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\X64DMVTU.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\W5ENLU37.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 01169408 _____ (wj32) C:\Program Files\NW5ECLUY.exe
2015-06-28 15:15 - 2015-06-28 15:15 - 01169408 _____ (wj32) C:\Program Files\Y7GPNW59.exe
2015-06-27 12:52 - 2015-06-27 12:52 - 01169408 _____ (wj32) C:\Program Files\IR097GPT.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\KZ8HFOX1.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\9IR0Y7X1.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 01169408 _____ (wj32) C:\Program Files\4DMVT2BF.exe
2015-06-26 21:49 - 2015-06-26 21:49 - 01169408 _____ (wj32) C:\Program Files\LUS1A8HA.exe
2015-06-26 21:48 - 2015-06-26 21:48 - 01169408 _____ (wj32) C:\Program Files\CLU31AJN.exe
2015-06-25 04:31 - 2015-06-25 04:31 - 00000000 ____D C:\Users\ACER\Documents\BlackSquad
2015-06-23 19:14 - 2015-06-23 22:03 - 806237289 _____ C:\Users\ACER\Desktop\Samsung_Galaxy_Tab_2_7.0_3G_WiFi_GT-P3100_Stock_ROM_P3100XXCME2_XSE_Indonesia_4.1.2_Jelly_Bean_MrCrab.Net.zip
2015-06-23 18:31 - 2015-06-23 18:31 - 00000000 ____D C:\Users\ACER\Desktop\Odin_v3.07
2015-06-23 18:30 - 2015-06-23 18:31 - 00464968 _____ C:\Users\ACER\Desktop\Odin_v3.07.zip
2015-06-23 14:47 - 2015-06-23 14:47 - 01169408 _____ (wj32) C:\Program Files\TMF81U71.exe
2015-06-23 14:46 - 2015-06-23 14:46 - 01169408 _____ (wj32) C:\Program Files\VWX9ABCJ.exe
2015-06-22 11:10 - 2015-06-22 11:10 - 00146456 _____ C:\Windows\Minidump\062215-24070-01.dmp
2015-06-22 05:31 - 2015-06-30 00:06 - 00000000 ____D C:\Users\ACER\Desktop\psx
2015-06-22 05:21 - 2015-06-22 05:21 - 00000000 ____D C:\Users\ACER\AppData\Roaming\fltk.org
2015-06-22 05:18 - 2015-06-22 05:20 - 07918643 _____ C:\Users\ACER\Desktop\Epsxe1.90(bios and plugin include).rar
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-06-21 23:17 - 2015-06-21 23:17 - 00000000 ____D C:\Program Files\DiskInternals
2015-06-21 23:04 - 1970-01-01 06:59 - 331767326 ____N C:\Users\ACER\Desktop\silent_hill_.zip
2015-06-20 16:55 - 2015-06-20 16:55 - 00000935 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-06-20 16:28 - 2015-06-20 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-20 16:28 - 2015-06-20 16:28 - 00000000 ____D C:\Program Files\7-Zip
2015-06-19 23:40 - 2015-06-19 23:40 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 23:39 - 2015-06-30 11:44 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA.job
2015-06-19 23:39 - 2015-06-29 23:44 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core.job
2015-06-19 23:39 - 2015-06-19 23:39 - 00000000 ____D C:\Users\ACER\AppData\Local\Dropbox
2015-06-19 23:39 - 2015-06-19 23:39 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-05 20:33 - 2015-06-07 22:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-02 09:37 - 2015-06-02 09:37 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 11:42 - 2014-05-30 18:28 - 00000000 ___RD C:\Users\ACER\Dropbox
2015-06-30 11:41 - 2014-05-30 18:15 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Dropbox
2015-06-30 11:38 - 2009-07-14 09:37 - 00000000 ____D C:\Windows\tracing
2015-06-30 11:34 - 2014-05-06 15:40 - 00000000 ____D C:\Users\ACER\AppData\Roaming\GarenaPlus
2015-06-30 11:34 - 2014-05-06 14:19 - 00000000 ____D C:\ProgramData\GarenaMessenger
2015-06-30 11:33 - 2012-12-08 23:36 - 01198132 _____ C:\Windows\WindowsUpdate.log
2015-06-30 11:29 - 2014-03-09 17:22 - 00104760 _____ C:\Windows\setupact.log
2015-06-30 11:29 - 2014-01-01 20:54 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 11:29 - 2013-10-31 15:51 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-30 11:29 - 2013-09-28 22:30 - 00135712 _____ C:\Users\ACER\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 11:29 - 2009-07-14 11:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 11:29 - 2009-07-14 11:33 - 03887664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 11:28 - 2014-05-21 16:34 - 00385166 _____ C:\Windows\PFRO.log
2015-06-30 11:18 - 2015-01-04 15:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-30 10:56 - 2014-01-01 20:54 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 10:52 - 2012-12-08 09:24 - 00000000 ____D C:\Users\ACER\AppData\Roaming\DMCache
2015-06-30 10:24 - 2013-10-01 17:22 - 00000000 ____D C:\ProgramData\Avira
2015-06-30 10:24 - 2013-10-01 17:22 - 00000000 ____D C:\Program Files\Avira
2015-06-30 10:15 - 2013-10-01 18:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-30 10:12 - 2015-03-06 13:10 - 00000000 ____D C:\Users\ACER\AppData\Roaming\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:10 - 00000000 ____D C:\Users\ACER\AppData\Local\SteelSeries_ApS
2015-06-30 10:12 - 2015-03-06 13:09 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:09 - 00000000 ____D C:\ProgramData\SteelSeries
2015-06-30 10:12 - 2015-03-06 13:08 - 00000000 ____D C:\Program Files\SteelSeries
2015-06-30 10:10 - 2013-10-31 15:44 - 00000000 ____D C:\ProgramData\DatacardService
2015-06-26 22:38 - 2012-12-08 09:08 - 00000000 ____D C:\Program Files\Internet Download Manager
2015-06-26 21:51 - 2014-05-19 16:50 - 00000000 ____D C:\ProgramData\ProductData
2015-06-25 04:31 - 2013-10-01 21:14 - 00000000 ____D C:\Windows\system32\directx
2015-06-25 04:20 - 2014-02-09 11:25 - 00000000 ____D C:\Users\ACER\Downloads\Compressed
2015-06-24 18:21 - 2013-10-26 15:10 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-24 18:21 - 2012-12-08 09:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-24 00:14 - 2009-07-14 11:34 - 00013632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-24 00:14 - 2009-07-14 11:34 - 00013632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-23 15:02 - 2014-01-01 21:01 - 00002079 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 15:02 - 2012-12-08 08:59 - 00783728 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-22 11:10 - 2014-01-06 02:31 - 00000000 ____D C:\Windows\Minidump
2015-06-21 16:54 - 2012-12-08 09:05 - 00000000 ____D C:\Program Files\WinRAR
2015-06-20 17:08 - 2015-04-15 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QEON Interactive
2015-06-20 16:55 - 2012-12-08 09:05 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-20 16:55 - 2012-12-08 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 00:02 - 2014-01-19 13:25 - 09364480 ___SH C:\Users\ACER\Documents\Thumbs.db
2015-06-09 10:59 - 2012-12-08 09:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-02 09:54 - 2014-01-01 20:54 - 00000000 ____D C:\Program Files\Google
==================== Files in the root of some directories =======
2015-06-29 19:07 - 2015-06-29 19:07 - 1169408 _____ (wj32) C:\Program Files\0Y7GPNWM.exe
2015-06-29 19:07 - 2015-06-29 19:07 - 1169408 _____ (wj32) C:\Program Files\209IRPYO.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\4DMVT2BF.exe
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\9IR0Y7X1.exe
2015-06-26 21:48 - 2015-06-26 21:48 - 1169408 _____ (wj32) C:\Program Files\CLU31AJN.exe
2015-06-27 12:52 - 2015-06-27 12:52 - 1169408 _____ (wj32) C:\Program Files\IR097GPT.exe
2015-06-29 19:07 - 2015-06-29 19:08 - 0000000 _____ () C:\Program Files\kprocesshacker.sys
2015-06-26 21:50 - 2015-06-26 21:50 - 1169408 _____ (wj32) C:\Program Files\KZ8HFOX1.exe
2015-06-26 21:49 - 2015-06-26 21:49 - 1169408 _____ (wj32) C:\Program Files\LUS1A8HA.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\NW5ECLUY.exe
2015-06-23 14:47 - 2015-06-23 14:47 - 1169408 _____ (wj32) C:\Program Files\TMF81U71.exe
2015-06-23 14:46 - 2015-06-23 14:46 - 1169408 _____ (wj32) C:\Program Files\VWX9ABCJ.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\W5ENLU37.exe
2015-06-28 15:30 - 2015-06-28 15:30 - 1169408 _____ (wj32) C:\Program Files\X64DMVTU.exe
2015-06-28 15:15 - 2015-06-28 15:15 - 1169408 _____ (wj32) C:\Program Files\Y7GPNW59.exe
2015-03-06 14:00 - 2015-03-06 14:00 - 0000132 _____ () C:\Users\ACER\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-01-13 20:00 - 2015-03-21 11:56 - 0018432 _____ () C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-03 14:17 - 2014-01-03 14:18 - 1065984 _____ () C:\Users\ACER\AppData\Local\file__0.localstorage
2013-12-31 15:21 - 2013-12-31 15:21 - 0000003 _____ () C:\Users\ACER\AppData\Local\updater.log
2013-12-31 15:21 - 2013-12-31 15:21 - 0000439 _____ () C:\Users\ACER\AppData\Local\UserProducts.xml
2009-07-14 06:31 - 2009-07-14 08:14 - 94437376 ___SH () C:\ProgramData\msrkbj.exe
Files to move or delete:
====================
C:\ProgramData\msrkbj.exe
Some files in TEMP:
====================
C:\Users\ACER\AppData\Local\Temp\82b08d187185e515ee0c604d58974f4f.dll
C:\Users\ACER\AppData\Local\Temp\avgnt.exe
C:\Users\ACER\AppData\Local\Temp\AviraSetup1038202.exe
C:\Users\ACER\AppData\Local\Temp\AviraSetup1217416.exe
C:\Users\ACER\AppData\Local\Temp\c8eb790646128f34aa04a36111aca8cf.dll
C:\Users\ACER\AppData\Local\Temp\cdo1712827442.dll
C:\Users\ACER\AppData\Local\Temp\cdo199742513.dll
C:\Users\ACER\AppData\Local\Temp\cdo2646658657.dll
C:\Users\ACER\AppData\Local\Temp\cdo3397087437.dll
C:\Users\ACER\AppData\Local\Temp\cdo3442417807.dll
C:\Users\ACER\AppData\Local\Temp\cdo397786333.dll
C:\Users\ACER\AppData\Local\Temp\cdo4036022095.dll
C:\Users\ACER\AppData\Local\Temp\cihYClUrnxVroERadnRE.DLL
C:\Users\ACER\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\ACER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rmk_b.dll
C:\Users\ACER\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\ACER\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\ACER\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\ACER\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\ACER\AppData\Local\Temp\lcHKlajrqLqBqGpWAVdW.DLL
C:\Users\ACER\AppData\Local\Temp\MSETUP4.EXE
C:\Users\ACER\AppData\Local\Temp\ochelper.exe
C:\Users\ACER\AppData\Local\Temp\ResetDevice.exe
C:\Users\ACER\AppData\Local\Temp\SRLDetectionLibrary8251649217104690228.dll
C:\Users\ACER\AppData\Local\Temp\SRLDetectionLibrary8908630880232439233.dll
C:\Users\ACER\AppData\Local\Temp\suYlugyAfLtOcWlzulvi.DLL
C:\Users\ACER\AppData\Local\Temp\Uninstall.exe
C:\Users\ACER\AppData\Local\Temp\x2blapi.dll
C:\Users\ACER\AppData\Local\Temp\xdelta3-3.0.8.x86-32.exe
C:\Users\ACER\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-23 01:24
==================== End of log ============================
--------------------Addition.txt----------------------------------
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by ACER at 2015-06-30 11:49:47
Running from C:\Users\ACER\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
ACER (S-1-5-21-137345057-628329502-1556354402-1000 - Administrator - Enabled) => C:\Users\ACER
Administrator (S-1-5-21-137345057-628329502-1556354402-500 - Administrator - Disabled)
Guest (S-1-5-21-137345057-628329502-1556354402-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-137345057-628329502-1556354402-1010 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.05 beta (HKLM\...\7-Zip) (Version: - )
ACDSee 10 Photo Manager (HKLM\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
ACDSee 18 (HKLM\...\{6D0F6DF4-553E-43CD-AA95-69AB3644A8FF}) (Version: 18.0.0.225 - ACD Systems International Inc.)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ASUS Flash Tool (HKLM\...\ASUS Flash Tool) (Version: 1.0.0.7 - ASUS)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Ayat (HKLM\...\sa.edu.ksa.ayat) (Version: 1.3.1 - UNKNOWN)
Ayat (Version: 1.3.1 - UNKNOWN) Hidden
Bloody5 (HKLM\...\Bloody3) (Version: 15.03.0012 - Bloody)
BlueStacks Notification Center (HKLM\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Boot Animation Factory (HKLM\...\{3EA00EEB-27DE-4507-AFF4-0C697A20C37B}) (Version: 1.4.1.0 - D01 MicroApps)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon MP230 series On-screen Manual (HKLM\...\Canon MP230 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Dropbox (HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
FileZilla Client 3.10.2 (HKLM\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Garena - PointBlank ID (HKLM\...\PBID) (Version: - Garena Online Pte Ltd.)
Garena+ (HKLM\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HexEdit (HKLM\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 3.1.1.86 - Intel Corporation)
Internet Download Manager (HKLM\...\{9E60329C-A602-4C4C-9D47-C80D5807DAAD}) (Version: 6.7.1.1 - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
IsoTools (HKLM\...\{E53520BA-ECDA-42A6-8971-E96CBDD8523D}) (Version: 1.34.34.0 - 3K3Y Team)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Codec Pack 6.5.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 6.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Launch Manager (HKLM\...\LManager) (Version: 3.0.04 - Acer Inc.)
lightshot-4.4.2.10 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.10 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version: - MiniTool Solution Ltd.)
MKVToolNix 7.3.0 (32bit) (HKLM\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
ModooMarble (Remove only) (HKLM\...\{7B2562F1-02DC-415F-8960-446E64BE9BBE}_is1) (Version: 1.0 - PT.CJ Internet Indonesia)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Rainmeter (HKLM\...\Rainmeter) (Version: 3.2 beta r2318 - )
Real Poker (HKLM\...\RealPoker_is1) (Version: 1.0 - Media Contact LLC)
SketchUp 2015 (HKLM\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited)
SPSS Statistics 17.0 (HKLM\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{140216F8-F102-4454-9895-55AC15B1109A}) (Version: 6.1.1.0 - Husdawg, LLC)
Unity Web Player (HKU\S-1-5-21-137345057-628329502-1556354402-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Vegas Pro 11.0 (HKLM\...\{B5B98340-0296-11E2-8B8E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.5 - Nullsoft, Inc)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YTD Video Downloader 4.8.9 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ACER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ACER\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-137345057-628329502-1556354402-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
07-06-2015 13:56:30 Scheduled Checkpoint
17-06-2015 23:32:04 Scheduled Checkpoint
25-06-2015 05:26:07 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:04 - 2015-02-23 18:19 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 acdid.acdsystems.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00A2B098-B8BC-455A-A47B-F33283DB1884} - System32\Tasks\{F04F1A09-8426-441D-9D4D-2D1C1DB66E01} => D:\Fear 2\FEAR2.exe
Task: {055EF623-2FD7-4FD4-86B1-F881A10915D7} - System32\Tasks\{5733727A-9887-42AE-9C83-81B943D28961} => D:\Fear 2\FEAR2.exe
Task: {0A379F3F-8A68-4F35-ACCB-BCDFE2711918} - System32\Tasks\Uninstaller_SkipUac_ACER => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {1562B2AB-8E80-40CA-BDFF-42642264BA6D} - System32\Tasks\{93192681-8DC3-4527-A385-672F97806AA0} => D:\game\PS3\PSN.PKG.Decryptor.&.Extractor.v1.74a-LMAN\PSNPKGDecryptor&Extractor.exe
Task: {168295A1-82BF-4D95-9342-4B0FB8173AD9} - System32\Tasks\{CE9ACC3B-9794-4B9D-978A-823E10A84A4A} => D:\Fear 2\FEAR2.exe
Task: {1779B923-E1DE-4BCB-8372-F97DBA1B3D7B} - System32\Tasks\{ABA375E3-D0B1-48BB-9F17-6C8BAF135BC6} => D:\Fear 2\FEAR2.exe
Task: {1B6DAB07-4974-45A4-981F-71EE8EBD9563} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1CA3EED6-7C0E-493C-96DF-411983F0EF13} - System32\Tasks\Alarm => C:\Users\ACER\Documents\Alarm.mp3 [2015-02-24] ()
Task: {20312749-BBC5-4674-83D1-0E79A106C445} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {34568747-0008-44C1-B8BB-E4AE66833547} - System32\Tasks\{F8FF04D3-1BCB-44DF-8FDC-3020D73147E7} => D:\Fear 2\FEAR2.exe
Task: {45E33CAC-4CB4-457F-8773-F2BBE4FBC8D9} - System32\Tasks\{689EE1B2-718F-4A81-B379-CB564EC8C8A1} => pcalua.exe -a "D:\Left4Theft_V31\Left 4 Theft Setup V31.exe" -d D:\Left4Theft_V31
Task: {4AA573B1-6E49-4E40-96B4-CF1B06E0F4A6} - System32\Tasks\{D84334BA-80F6-44D1-B2B2-CDA37DADAE0B} => D:\Fear 2\FEAR2.exe
Task: {4BE9AA24-1591-480E-A708-EFE17D9BE609} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {5105898C-CEA5-46CC-B8DA-1BDCB23943D1} - System32\Tasks\{E0AB7928-CEC2-48EA-A517-160A1AD45E33} => D:\Fear 2\FEAR2.exe
Task: {5C125294-7F7B-4EC2-A22B-C129C3837FCE} - System32\Tasks\{6D571D1E-CCB8-4E63-9FCC-168B47FBA2F5} => pcalua.exe -a "D:\Left4Theft_V31\Left4Theft_MP1\Left 4 Theft MP1.exe" -d D:\Left4Theft_V31\Left4Theft_MP1
Task: {5C2FE2B5-2482-4F32-94F6-7ED255D39E7D} - System32\Tasks\{BA271178-F14D-4235-9AD1-F399F619179B} => pcalua.exe -a "D:\Cross Fire Indonesia\Uninstal.exe" -d "D:\Cross Fire Indonesia"
Task: {6BBE2BD7-E61C-49F9-8CC3-97E8E30DB2F3} - System32\Tasks\update-S-1-5-21-137345057-628329502-1556354402-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {6C989741-E665-4C23-8262-C7DCE6D96CC0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {6D886FB6-F91C-4A11-A2DE-F2039A7ED771} - System32\Tasks\{6B72AD08-C3C2-42AA-8B7D-B94C30B71A50} => D:\Fear 2\FEAR2.exe
Task: {89958C84-A438-47FA-8149-32B1CB4BE354} - System32\Tasks\TunnelBear => C:\Program Files\TunnelBear\TBear.Client.exe
Task: {9444026E-343A-4143-9C14-707A24F0D0A1} - System32\Tasks\gg_uac_daemon_ACER => D:\Garena Plus\ggdllhost.exe [2015-06-17] ()
Task: {9E4E07A8-90BB-422D-AF28-C634FF03F186} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {A689DAC5-1D60-4D1C-A0F1-20AF30C6B5D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {BC8A43D6-980B-4BE6-B125-764409E71474} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {D8A0C37E-FC27-45FD-B478-56D574DCF286} - System32\Tasks\{26B36F2E-35B4-47A2-A8A3-457AAB8418BB} => pcalua.exe -a "D:\Left4Theft_V31\Left4Theft_MP2\Left 4 Theft MP2.exe" -d D:\Left4Theft_V31\Left4Theft_MP2
Task: {E49AF894-9C35-4D55-9748-27058EF3F953} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000Core.job => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-137345057-628329502-1556354402-1000UA.job => C:\Users\ACER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-137345057-628329502-1556354402-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 03:30 - 2015-03-03 03:30 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2007-05-11 00:50 - 2007-05-11 00:50 - 00017024 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll
2014-05-12 16:49 - 2014-05-12 16:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2012-12-08 09:13 - 2005-08-08 12:54 - 00167936 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-06-17 21:19 - 2015-06-17 21:19 - 00056256 _____ () D:\Garena Plus\ggdllhost.exe
2015-06-17 21:20 - 2015-06-17 21:20 - 00865728 _____ () D:\Garena Plus\ggspawn.dll
2013-09-28 23:08 - 2013-09-28 23:07 - 00200704 _____ () C:\Windows\PLFSetI.exe
2014-09-20 02:51 - 2014-09-20 02:51 - 01964552 _____ () C:\Program Files\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
2015-06-17 21:18 - 2015-06-17 21:18 - 09981888 _____ () D:\Garena Plus\GarenaMessenger.exe
2015-06-17 21:19 - 2015-06-17 21:19 - 00111552 _____ () D:\Garena Plus\CommonLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00040384 _____ () D:\Garena Plus\DibModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00034752 _____ () D:\Garena Plus\VersionModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00058304 _____ () D:\Garena Plus\FileLoader.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00094144 _____ () D:\Garena Plus\PluginKernel.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00494016 _____ () D:\Garena Plus\CxImage.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00032192 _____ () D:\Garena Plus\PluginModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00177600 _____ () D:\Garena Plus\lib\fs\YYFileSystem.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00380864 _____ () D:\Garena Plus\lib\Http.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00191424 _____ () D:\Garena Plus\lib\MP3Module.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00162304 _____ () D:\Garena Plus\lame_enc.DLL
2015-06-17 21:20 - 2015-06-17 21:20 - 00226752 _____ () D:\Garena Plus\lib\TaskManagerLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00113088 _____ () D:\Garena Plus\lib\UILayout.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00965056 _____ () D:\Garena Plus\lib\XLL.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00061888 _____ () D:\Garena Plus\lib\XmlUIModule.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00573100 _____ () D:\Garena Plus\sqlite3.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00231360 _____ () D:\Garena Plus\Plugins\StatsPlugin.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 01250752 _____ () D:\Garena Plus\Plugins\ggplugin.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00199616 _____ () D:\Garena Plus\ImageModule.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00162240 _____ () D:\Garena Plus\libmpg123.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 02948032 _____ () D:\Garena Plus\ggdownloader.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00072640 _____ () D:\Garena Plus\lib\delay_load\AudioMixerLib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00023488 _____ () D:\Garena Plus\lib\delay_load\ClientTcp.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 01552320 _____ () D:\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 12:42 - 2013-02-01 12:42 - 00153088 _____ () D:\Garena Plus\libzmq.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00963008 _____ () D:\Garena Plus\lib\delay_load\GaFileTransfer.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00251840 _____ () D:\Garena Plus\lib\delay_load\MediaEngine.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00033216 _____ () D:\Garena Plus\ServerMemAlloc.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00523712 _____ () D:\Garena Plus\lib\delay_load\RSALib.dll
2015-06-17 21:20 - 2015-06-17 21:20 - 00075200 _____ () D:\Garena Plus\lib\delay_load\UdtLib.dll
2014-09-10 04:27 - 2014-09-10 04:27 - 00036024 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-10 04:27 - 2014-09-10 04:27 - 00608440 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-10 04:25 - 2014-09-10 04:25 - 00046080 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2015-04-09 14:30 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2015-04-09 14:30 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2015-04-09 14:30 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-06-23 15:02 - 2015-06-20 12:46 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 15:02 - 2015-06-20 12:46 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 15:02 - 2015-06-20 12:46 - 15003976 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2015-06-30 11:41 - 2015-06-30 11:41 - 00043008 _____ () c:\users\acer\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rmk_b.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00750080 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00047616 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00865280 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00200704 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00010240 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00726016 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-05 04:45 - 2015-03-19 14:15 - 00010240 _____ () C:\Users\ACER\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:BC359956
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-137345057-628329502-1556354402-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: MobileBroadband => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: ShowBatteryBar => "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4AD307B1-61DE-4C53-9B49-72E07661AB08}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.exe
FirewallRules: [{AB5A4400-BF9C-4657-AD2A-0F13AA0BD805}] => (Allow) C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe
FirewallRules: [{4C9ABF03-1A4D-404E-AAAE-1C6A3C6FCA7D}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.com
FirewallRules: [{4CE4D118-093F-49EA-B8EE-D9E1664DF7CB}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.exe
FirewallRules: [{2720B406-74D1-42AE-9365-9D4F487240B0}] => (Allow) C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe
FirewallRules: [{16CBADA1-52B7-465A-8A16-5D69D3DE8C24}] => (Allow) C:\Program Files\SPSSInc\Statistics17\statistics.com
FirewallRules: [{234DBB76-E91E-4F81-B794-DB036489D7F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B555A46D-6BD3-4D7E-8888-43C5E22BC97E}] => (Allow) LPort=8370
FirewallRules: [{FF6B75ED-BE86-4300-885D-FE4518935F81}] => (Allow) LPort=8370
FirewallRules: [{1A9D9CBB-968E-4279-8B2D-A3BF8AF7D1A8}] => (Allow) LPort=6949
FirewallRules: [{6B86A66F-7EBA-4D50-9E35-1873019B74E6}] => (Allow) LPort=6949
FirewallRules: [{62207388-97ED-43C1-96B7-E287F4D6C1E7}] => (Allow) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C20A8ED-8561-478B-9B89-8199E4ECF600}] => (Allow) C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0FAB1AEA-D685-42D1-AB97-87AB0F977058}] => (Allow) C:\Windows\System32\innogmp.exe
FirewallRules: [{C2905966-CA9F-47D3-8395-8A5C809A1DC5}] => (Allow) C:\Windows\System32\innogmp.exe
FirewallRules: [{A0979A2F-9D60-4287-BE60-98DAE7A12D3F}] => (Allow) C:\Windows\System32\innosvcd.exe
FirewallRules: [{8C702C9A-CC86-43B5-B785-4C42BA749E59}] => (Allow) C:\Windows\System32\innosvcd.exe
FirewallRules: [TCP Query User{CCF86A0A-32FE-462B-9517-5B5566CCADD2}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{56D844D6-6660-414B-979E-6EAB8F8A22EA}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [{3E104455-1BD1-440E-B322-4A00420C9A41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{87970848-2F13-49EE-8C27-E8E65BC5D07D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{968DF5E8-C033-4A4F-9C4A-D54FFFCD9F90}D:\game\download\win32\32\paycoin.exe] => (Allow) D:\game\download\win32\32\paycoin.exe
FirewallRules: [UDP Query User{612C984C-38C8-4CA7-BF42-812484A51CF3}D:\game\download\win32\32\paycoin.exe] => (Allow) D:\game\download\win32\32\paycoin.exe
FirewallRules: [TCP Query User{4CE70DF1-365C-424E-B3D7-C007F404A0DC}D:\program files\paycoin\paycoin.exe] => (Allow) D:\program files\paycoin\paycoin.exe
FirewallRules: [UDP Query User{2595C488-0D5B-4717-9A92-44EDA9643AB1}D:\program files\paycoin\paycoin.exe] => (Allow) D:\program files\paycoin\paycoin.exe
FirewallRules: [{D487BE74-3CF7-43B9-9876-BA706E3E3849}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E08B1569-3265-4A41-A066-5E4B973818BA}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{D72DD692-77AF-43CA-8B7C-72A78CD2BE52}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{9A8E43CA-F8E6-4826-9A3E-E507B5A97762}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [{CC91525F-6E1F-4979-A468-FB6F2DEF86AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B274C377-D69A-4181-B919-B7A903E21788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F70A66FC-9067-4FFD-8A47-FCF6EC9EDB90}C:\program files\nvidia corporation\grid workspace\grid workspace.exe] => (Allow) C:\program files\nvidia corporation\grid workspace\grid workspace.exe
FirewallRules: [UDP Query User{4646B18F-9F57-4FE4-AF3D-774C54B70F86}C:\program files\nvidia corporation\grid workspace\grid workspace.exe] => (Allow) C:\program files\nvidia corporation\grid workspace\grid workspace.exe
FirewallRules: [TCP Query User{DF9EA34B-044D-40B7-BD19-A4AA417B2D4F}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{652C831E-00F4-4B67-921B-3C3F2B72A122}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{59FD93F3-9389-44AA-9301-821C560AA094}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2E178709-0984-4F55-A44B-5E8B0417CD56}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{8E84E3CA-CEDA-4026-B0AF-F42545980E53}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{E5621807-E9A1-4F8F-9F90-874A679830E0}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{6BD0E145-C504-4747-B5CC-5D84080606C5}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{1206332F-1778-4D74-A5D5-CFA67D6111D2}] => (Allow) D:\Program Files\QEON Play Launcher\QPlay.exe
FirewallRules: [{FB4AD8B0-4B01-4681-B166-7FC5572F2C20}] => (Allow) C:\Program Files\ASUS\PC Link\pclinkservice.exe
FirewallRules: [{DE3F446A-13BE-481A-B9E8-233264DBBF6E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0E00FA52-9594-4C15-8682-487CABF3AE89}] => (Allow) D:\Gemscool\blacksquad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{E51188C4-4909-4C47-8E4D-9CA70DF789F9}] => (Allow) D:\Gemscool\blacksquad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{80FF4E5A-BD3D-47A7-9A21-C32B3358FB35}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{DC833659-FA3A-4601-ACCD-8269CF55CEA4}] => (Allow) D:\pbidInstaller.exe
FirewallRules: [{3FAFB311-F009-4A42-9457-5DD28F4D0EFC}] => (Allow) D:\pbidInstaller.exe
FirewallRules: [{44C57E81-9310-4479-9445-39CADB7740B7}] => (Allow) D:\Program Files\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{568066A1-371B-4821-A07B-31C57A7E4A5F}] => (Allow) D:\Program Files\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{C06F5B60-8D48-43C9-8A48-DA615F387FF8}] => (Allow) D:\Garena Plus\ggdllhost.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2015 11:29:19 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/30/2015 10:24:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/29/2015 07:06:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15787
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15787
Error: (06/29/2015 01:14:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/28/2015 03:29:45 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/28/2015 03:17:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16450, time stamp: 0x4aeba271
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x6d0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (06/28/2015 03:15:09 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (06/27/2015 00:52:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
System errors:
=============
Error: (06/30/2015 11:29:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobizen plugin service failed to start due to the following error:
%%2
Error: (06/30/2015 11:29:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Web Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error:
%%2
Error: (06/30/2015 11:29:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira Real-Time Protection service failed to start due to the following error:
%%2
Error: (06/30/2015 11:29:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:28:04 AM on 6/30/2015 was unexpected.
Error: (06/30/2015 11:22:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Innosvcd service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 11:22:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 11:14:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (06/30/2015 10:53:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 10 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Error: (06/30/2015 10:52:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/30/2015 10:52:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 10 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-12-22 20:03:05.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:58:20.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:52:59.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:34:39.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-12-22 19:03:30.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 1976.93 MB
Available physical RAM: 290.58 MB
Total Pagefile: 7708.75 MB
Available Pagefile: 5482.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:50.78 GB) (Free:2.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:247.3 GB) (Free:96.96 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: F6C7F6C7)
Partition 1: (Active) - (Size=50.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.3 GB) - (Type=OF Extended)
==================== End of log ============================
Thank you so much!
Edited by lonelygrimm, 29 June 2015 - 11:08 PM.