Thanks for the fast reply.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Sam (administrator) on SAM-HP on 08-07-2015 17:21:15
Running from C:\Users\Sam\Desktop
Loaded Profiles: Sam (Available Profiles: Sam)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-01-06] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Yahoo Messenger] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-16] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-08] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\MountPoints2: {d47d6c32-ef7d-11e2-84c1-2c41385d6dad} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Copy] => C:\Users\Sam\AppData\Roaming\Copy\CopyAgent.exe [15414816 2015-04-07] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-08] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Sam\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-06-02] (Barracuda Networks, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://securityrespo...r/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://securityrespo...r/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKLM -> {7E2E1EC1-FB5C-45D9-A1FE-91E0FEA415F3} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yah...psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {7E2E1EC1-FB5C-45D9-A1FE-91E0FEA415F3} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yah...psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {7E2E1EC1-FB5C-45D9-A1FE-91E0FEA415F3} URL =
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-875823854-1062623708-1804306717-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Expat Shield Class -> {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -> C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-08] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-08] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
DPF: HKLM-x32 {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} http://zone.msn.com/...on.cab64162.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-02] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{72C28FC5-FDC2-4659-8838-11C5C3784931}: [DhcpNameServer] 195.175.39.40 195.175.39.39
Tcpip\..\Interfaces\{A02B5C7F-027E-4BDA-9E5D-2F23502154FE}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{A98478EB-20F4-46C4-95DB-9C99B93760A9}: [NameServer] 195.46.39.39,195.46.39.40
Tcpip\..\Interfaces\{A98478EB-20F4-46C4-95DB-9C99B93760A9}: [DhcpNameServer] 192.168.43.1
FireFox:
========
FF ProfilePath: C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default
FF SearchEngineOrder.1: Mixi.DJ Search
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-07-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-07-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2012-05-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-875823854-1062623708-1804306717-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF user.js: detected! => C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default\user.js [2015-06-02]
FF SearchPlugin: C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default\searchplugins\mixidj.xml [2013-09-02]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-31]
FF Extension: British English Dictionary - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default\Extensions\[email protected] [2012-01-31]
FF Extension: DivX Web Player - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default\Extensions\[email protected] [2012-06-29]
FF Extension: Adblock Plus - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\9xg61g5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-06-02]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-08]
Chrome:
=======
CHR Profile: C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-18]
CHR Extension: (Google Drive) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-18]
CHR Extension: (YouTube) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-18]
CHR Extension: (Adblock Plus) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-08]
CHR Extension: (Google Search) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-31]
CHR Extension: (Skype Click to Call) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-10]
CHR Extension: (Google Wallet) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-18]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Sam\AppData\Local\Temp\ccex.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-08] (Avast Software s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2015-01-01] (Macrovision Europe Ltd.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-12-25] (Realsil Microelectronics Inc.) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-08] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-08] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-08] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-08] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-08] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-08] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-24] (DT Soft Ltd)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
U0 sr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 17:21 - 2015-07-08 17:21 - 00025255 _____ C:\Users\Sam\Desktop\FRST.txt
2015-07-08 17:20 - 2015-07-08 17:21 - 00000000 ____D C:\FRST
2015-07-08 17:20 - 2015-07-08 17:20 - 02112512 _____ (Farbar) C:\Users\Sam\Desktop\FRST64.exe
2015-07-08 17:20 - 2015-07-08 17:20 - 01636352 _____ (Farbar) C:\Users\Sam\Desktop\FRST.exe
2015-07-08 16:23 - 2015-07-08 16:23 - 01415680 _____ (wj32) C:\Program Files\2SLE4X9E.exe
2015-07-08 16:01 - 2015-07-08 16:55 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-08 16:01 - 2015-07-08 16:01 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-08 16:00 - 2015-07-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-08 16:00 - 2015-07-08 16:00 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Sam\Desktop\mbam-setup-2.1.8.1057.exe
2015-07-08 16:00 - 2015-07-08 16:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-08 16:00 - 2015-07-08 16:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-08 16:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-08 16:00 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-08 16:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-08 15:58 - 2015-07-08 15:58 - 00000000 ____D C:\Users\Sam\AppData\Roaming\AVAST Software
2015-07-08 15:57 - 2015-07-08 15:57 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-08 15:57 - 2015-07-08 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-08 15:57 - 2015-07-08 15:51 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-08 15:51 - 2015-07-08 15:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-08 15:51 - 2015-07-08 15:57 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-08 15:51 - 2015-07-08 15:51 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-08 15:51 - 2015-07-08 15:51 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-08 15:49 - 2015-07-08 15:49 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-08 15:48 - 2015-07-08 15:48 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Sam\Desktop\avast_free_antivirus_setup_online_cnet.exe
2015-07-08 15:41 - 2015-07-08 15:41 - 00000000 ____D C:\Users\Sam\AppData\Local\Avg2015
2015-07-06 22:33 - 2015-07-07 21:38 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForSam.job
2015-07-06 22:33 - 2015-07-06 22:33 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSam
2015-07-06 00:37 - 2015-07-06 00:42 - 176214804 _____ C:\Users\Sam\Downloads\www.tfpdl.com-PD201480p.mkv
2015-06-30 14:22 - 2015-06-30 14:22 - 00003156 _____ C:\Windows\System32\Tasks\{3C67F5A7-1B8F-4DAE-B528-18C73FC6A1FE}
2015-06-28 21:10 - 2015-05-30 22:34 - 04928968 _____ (AVG Technologies) C:\Users\Sam\Desktop\avg_free_stb_all_5961p1_177.exe
2015-06-22 19:36 - 2015-07-06 20:35 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2015-06-09 13:55 - 2015-06-09 13:55 - 00000000 ____D C:\Users\Sam\Downloads\Penny.Dreadful.S02E01.720p.HDTV.x264-IMMERSE [GloDLS]
2015-06-09 13:48 - 2015-06-09 13:48 - 00000000 ____D C:\Users\Sam\Downloads\Avengers Age of Ultron 2015 NEW SOURCE 720p HDTS XVID MP3 TiTAN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 17:21 - 2009-07-14 08:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 17:19 - 2014-04-07 14:53 - 01320996 _____ C:\Windows\WindowsUpdate.log
2015-07-08 17:15 - 2014-10-10 19:59 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Copy
2015-07-08 17:15 - 2014-08-07 21:37 - 00036786 _____ C:\Windows\setupact.log
2015-07-08 17:15 - 2014-04-08 22:07 - 01233640 _____ C:\Windows\PFRO.log
2015-07-08 17:15 - 2013-09-18 21:05 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-08 17:15 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 17:14 - 2011-12-15 00:28 - 00000000 ____D C:\Program Files (x86)\uTorrentBar
2015-07-08 16:47 - 2014-12-14 17:06 - 00000000 ____D C:\Users\Sam\Desktop\translate
2015-07-08 16:37 - 2013-09-18 21:05 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-08 16:31 - 2009-07-14 07:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-08 16:31 - 2009-07-14 07:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-08 16:24 - 2012-04-17 09:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-08 15:48 - 2015-02-14 23:20 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-08 15:43 - 2011-12-03 14:30 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5157F46-5DE1-4421-9423-14CF1C7CA347}
2015-07-08 15:42 - 2015-05-30 22:34 - 00000000 ____D C:\ProgramData\MFAData
2015-07-08 15:40 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-08 13:57 - 2011-12-12 21:38 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002UA.job
2015-07-08 11:59 - 2013-12-30 14:17 - 00000000 ____D C:\Users\Sam\Documents\Calibre Library
2015-07-08 11:57 - 2014-06-16 11:25 - 00000000 ____D C:\Users\Sam\AppData\Local\Adobe
2015-07-06 22:33 - 2011-12-03 14:24 - 00000000 ____D C:\Users\Sam
2015-07-06 11:45 - 2015-01-22 20:55 - 00000000 ____D C:\Users\Sam\Desktop\Yagmur
2015-07-06 00:41 - 2011-12-15 00:27 - 00000000 ____D C:\Users\Sam\AppData\Roaming\uTorrent
2015-07-05 13:24 - 2012-04-17 09:38 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-05 13:24 - 2012-04-17 09:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-05 13:24 - 2011-12-03 14:49 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-03 17:12 - 2011-12-12 21:38 - 00000898 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002Core.job
2015-06-28 21:17 - 2012-01-08 12:38 - 00000000 ____D C:\Users\Sam\AppData\Local\CrashDumps
2015-06-28 17:11 - 2011-12-05 02:45 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-06-27 17:24 - 2015-06-02 10:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-26 20:41 - 2013-09-18 21:08 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-14 19:49 - 2012-11-20 15:07 - 00000000 ____D C:\Users\Sam\Documents\My Kindle Content
2015-06-09 12:29 - 2014-10-10 20:30 - 00000000 ___RD C:\Users\Sam\Copy
==================== Files in the root of some directories =======
2015-07-08 16:23 - 2015-07-08 16:23 - 1415680 _____ (wj32) C:\Program Files\2SLE4X9E.exe
2012-12-11 12:04 - 2015-05-24 14:18 - 0009216 _____ () C:\Users\Sam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-16 20:26 - 2013-08-16 20:26 - 0000011 _____ () C:\ProgramData\.tv7
Some files in TEMP:
====================
C:\Users\Sam\AppData\Local\Temp\cdo1794648652.dll
C:\Users\Sam\AppData\Local\Temp\cdo2869434488.dll
C:\Users\Sam\AppData\Local\Temp\cdo4226283158.dll
C:\Users\Sam\AppData\Local\Temp\cdo460177648.dll
C:\Users\Sam\AppData\Local\Temp\UNINSTALL.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-03 15:45
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Sam at 2015-07-08 17:22:19
Running from C:\Users\Sam\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-875823854-1062623708-1804306717-500 - Administrator - Disabled)
Guest (S-1-5-21-875823854-1062623708-1804306717-501 - Limited - Disabled)
Sam (S-1-5-21-875823854-1062623708-1804306717-1002 - Administrator - Enabled) => C:\Users\Sam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\Amazon Kindle) (Version: - Amazon)
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{942836D4-5395-652B-F1E8-A7C5B039910C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{D0AA226A-712B-4119-9B28-ABEDD936720F}) (Version: 1.26.0 - Kovid Goyal)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Copy (HKLM\...\{580C53DC-DBA8-457B-8766-34C60F754BBD}) (Version: 3.2.1.481 - Barracuda Networks, Inc.)
CopyTrans Suite Remove Only (HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\CopyTrans Suite) (Version: 2.32 - WindSolutions)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
CYL Flyers (HKLM-x32\...\CYL Flyers 1.0) (Version: 1.0 - Oxford University Press)
CYL Movers (HKLM-x32\...\CYL Movers 1.0) (Version: 1.0 - Oxford University Press)
CYL Starters (HKLM-x32\...\CYL Starters 1.0) (Version: 1.0 - Oxford University Press)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C1C43BC8-2460-4E01-9628-332E04523BDC}) (Version: 1.2.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Mozilla Firefox 38.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-GB)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.6.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-875823854-1062623708-1804306717-1002\...\MyFreeCodec) (Version: - )
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Primary i-Dictionary Classroom version (HKLM-x32\...\Primary i-Dictionary Classroom version_is1) (Version: - )
Product Library (HKLM\...\Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Speakout Elementary ActiveTeach (HKLM-x32\...\9781408216477-SPKOUTEAT) (Version: - Pearson Education)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.8.2.0 - uTorrentBar) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:34 - 2012-11-20 13:00 - 00444833 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00E0516D-EB49-4B7E-9AC0-2259F2C58F44} - System32\Tasks\{73F516C3-D005-48C7-A48E-F6E04AC5A2D4} => C:\Program Files (x86)\Championship Manager 01-02\Editor\cm0102ed.exe
Task: {03E446DE-99AB-444F-8E9B-25249342F378} - System32\Tasks\DefaultReg => c:\Users\All Users\dtdata\R001.exe <==== ATTENTION
Task: {12BC7E6D-DCC6-4A58-BACF-2125BD5682DA} - System32\Tasks\{AC0C487A-CE76-4ADF-9FB9-8D785797FA43} => C:\Users\Sam\Desktop\CM\cm0102.exe
Task: {141B5A82-2AC5-480B-9E69-B622A358BC3C} - System32\Tasks\{FE3C5CBE-D85A-4A3F-BCA3-77B9AA865F81} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {14EC6C14-EE55-4B0E-B482-05EFD6047607} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {2818FBF3-190B-477D-91CE-36F692160154} - System32\Tasks\avastBCLRestartS-1-5-21-875823854-1062623708-1804306717-1002 => Firefox.exe
Task: {2C8DC1CA-1177-4DFE-B755-079D3D712B57} - System32\Tasks\{E1FDB907-F994-4A5B-96A8-175470A30902} => C:\Users\Sam\Desktop\CM\cm0102.exe
Task: {3A639165-EC8A-4384-AFDE-41C4AC166470} - System32\Tasks\{C3097AAC-D8C3-49A9-B821-5790BF260BEF} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {3E23848E-2221-4D1D-8236-62E8B4A17658} - System32\Tasks\{52C287F6-E843-4467-8B46-93612CBA6B09} => C:\Program Files (x86)\Championship Manager 01-02\cm0102.exe
Task: {4144E95B-A4BB-4BB9-830B-3CB5B0300D59} - System32\Tasks\{ED805481-089D-4ACF-8B7B-7F413168AA2E} => pcalua.exe -a F:\Installer.EXE -d F:\
Task: {49114096-7645-4483-AE02-86C49DD59ABD} - System32\Tasks\DefaultCheck => c:\Users\All Users\dtdata\R002.exe <==== ATTENTION
Task: {57365CD3-1E7A-4017-AFC4-4EE77884B9F9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-08] (Avast Software s.r.o.)
Task: {5C3627FB-5D70-4E2B-8EDB-0A1C22FB5810} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002UA => C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {5DCF5ECC-1E85-4A9E-A5DD-B0F5239DDFAC} - System32\Tasks\{39DEE2C6-3958-4C66-9D53-898C6BC11D46} => Firefox.exe http://ui.skype.com/...?LastError=1603
Task: {5F32E2AE-6CCD-42F0-AF51-A4AD050212F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-18] (Google Inc.)
Task: {6C417A64-C2D9-40F6-9AB1-EDB42D38859F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-18] (Google Inc.)
Task: {6C5C265F-6F8F-4E88-A5D9-B67CE756B5A6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002Core => C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {825E4A4C-2B6D-4A81-82AE-1E02CAD8BCA6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-05] (Adobe Systems Incorporated)
Task: {83935009-025E-4E27-BDF5-4BBC6EC67277} - System32\Tasks\{46E33CE3-E013-4F15-A140-D4B8EF4FB64C} => C:\Users\Sam\Desktop\Crack\cm0102.exe
Task: {8866DC9F-C0F5-4B96-8E1D-A2E359A60337} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {88AECCEE-03EF-40AE-88CC-A3A36820DA8B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {8F579F83-B2A7-4280-8EB2-C0A4F73B1833} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {A9013897-C485-4A51-A895-5EAD8E55E6A1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {A9CB2BBA-7014-45B7-818C-D5FE88449B7F} - System32\Tasks\{20E1B135-D36E-4999-BC85-8DBA789FF5BC} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {AAC71206-B72C-4C0B-9106-5F7D5C97DD1F} - System32\Tasks\HPCeeScheduleForSam => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BBDF443C-0876-4429-9C12-A52FD1868429} - System32\Tasks\{E47FE976-139E-41CD-92D6-8B4FC7F5ACC1} => Firefox.exe http://www.skype.com...LastError=12002
Task: {BC65B8DE-C098-4BEF-B6E1-DA04494AA757} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC13A64C-CE73-49F3-891F-D2D0916D741C} - System32\Tasks\{24A75256-B39F-4258-93EC-20C1130BAFF4} => C:\Program Files (x86)\Championship Manager 01-02\Editor\cm0102ed.exe
Task: {D51BE219-3616-4B6E-98E2-5F203944F075} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {DA68A79E-793F-4651-9424-500958751E38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft)
Task: {DDEC5542-1980-45E9-90FE-2AF0EA26A5F8} - System32\Tasks\{3C67F5A7-1B8F-4DAE-B528-18C73FC6A1FE} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" -c /AppMode=SETUP /Uninstall /UDS=1
Task: {E4861DDC-EB9B-4A4E-8EA9-D54D18355F81} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {E5767786-E53C-486C-ADA1-45E00032FDBA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EC15CA03-F31A-42BC-968C-AEAF76C9C454} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {ECA46AD7-CC80-4A4B-AB53-5C1EAAC439A3} - System32\Tasks\AdobeAAMUpdater-1.0-Sam-HP-Sam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {F0810B1E-081E-45B3-8EE5-B52CD89EFDF7} - System32\Tasks\{AFF1D259-BF9C-4ACC-992A-D6E41794A08B} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {F53538D0-B204-4A68-B7CE-83694A6CDF8E} - System32\Tasks\{5A64CC0A-6FD5-4ED5-ACBA-B130399BAF8B} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {FE93C357-D568-414C-AAF2-D27D230E0BE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002Core.job => C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-875823854-1062623708-1804306717-1002UA.job => C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSam.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2012-01-03 16:21 - 2012-01-03 15:16 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-04-02 09:06 - 2011-04-02 09:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-04-02 09:06 - 2011-04-02 09:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 22:25 - 2011-03-04 22:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 08:57 - 2011-04-02 08:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-24 12:21 - 2010-06-24 12:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2015-07-08 15:51 - 2015-07-08 15:51 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-08 15:51 - 2015-07-08 15:51 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-08 15:51 - 2015-07-08 15:51 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070800\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-08 15:51 - 2015-07-08 15:51 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-06-24 12:19 - 2010-06-24 12:19 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7774 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-875823854-1062623708-1804306717-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.20.10.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{12EED37E-07F6-4245-AC48-0D393F1CD131}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4819A42A-DE98-483C-BBB3-F3F9C44BEC3A}] => (Allow) LPort=2869
FirewallRules: [{3F4E8C9E-4234-48C7-BB90-9D0F7FC0AFC7}] => (Allow) LPort=1900
FirewallRules: [{56F15EA8-5180-40DC-B4EA-AA542272B837}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BEA90C6C-899D-43A7-BFC1-FCF5F511E309}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{8843DE93-4285-4F7D-A31B-71CD24F24BC0}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{9FCA2FE9-D39D-4764-9466-3D5390F538C6}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{D52C9054-8212-4E42-941A-4B0B8A04DA49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEBB6D16-F3C3-4F70-AF4E-7EC937BE8273}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D531230-58AB-4797-81D8-F03094ACC383}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDF4300E-1133-43C0-A5B7-C4989340344E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D18973DC-445A-45B3-8B44-662117D7CD21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{156DCB6F-E60D-4E09-BF38-CA70781F0B39}C:\program files (x86)\calibre2\calibre.exe] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [UDP Query User{3C9775A2-87C4-4357-9FA9-9724759E6CCE}C:\program files (x86)\calibre2\calibre.exe] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{C0799FED-7CF6-4D3F-81A1-2D76F1C7F2F6}] => (Allow) C:\Users\Sam\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20F6A379-08F8-4528-8822-0A904AD0B3AD}] => (Allow) C:\Users\Sam\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0433A5C6-E308-4BD4-ACA8-6F5767263042}] => (Allow) C:\Users\Sam\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{6B7548BB-548B-4BDA-BC09-B9CE1909FF38}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{6497CEA8-087B-431F-AD86-60A16942DD0A}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{A1385B4E-CF67-4985-93C0-5BA909A7FAE7}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{22A456F3-20F7-4925-A5B6-D8FD83532E3E}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{CCC2E42D-87E6-4C2E-A629-AF7F55F7E046}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{33DE8318-4998-46D6-8E38-547D7C9041A3}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{BEB16A5D-4437-453C-88A2-F1D4122EAA66}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{1104DFD3-FB7F-4F9A-8F04-0AFDA32769A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D12CFDD-5C7B-4AEB-899C-94CDD6279349}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F03B6BF9-F3B7-4697-8078-DF35E9397665}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{98B389B0-455B-48DB-8EAF-559DF559E49F}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{BD1F6EBA-7245-467E-A794-0F1AA07FEB55}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{25FEFEB0-3A99-4E97-82E0-2DA8F8D3496E}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{F7C9227A-2881-4891-A9B3-1432946F5A19}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{1CA96C7B-7E4B-4B67-8D59-7E3DC8B74559}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EEFFF777-A29A-401E-A107-A33526469E69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2CE2CBA9-CC4C-41A2-8D67-E08A5E04CE1C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{0CCF903C-56C7-4032-8E82-54CC1FE9B4FC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4D97BC9C-9ACD-49E8-9F74-58EB9C154685}] => (Allow) C:\Users\Sam\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [{573873FA-ED40-44AA-AA13-BC7D5DCB1815}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/08/2015 05:15:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 04:52:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 04:50:16 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (07/08/2015 04:50:16 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC
Error: (07/08/2015 04:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 03:44:14 PM) (Source: MsiInstaller) (EventID: 11321) (User: Sam-HP)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1321. SA_Error1321: StandardAction(0xC0070529): The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\AVG\AVG2015\avgcrema.exe.
Error: (07/08/2015 03:38:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 11:47:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2015 09:38:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2015 05:36:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/08/2015 05:15:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%2
Error: (07/08/2015 04:51:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (07/08/2015 04:51:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (07/08/2015 04:51:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21
Error: (07/08/2015 04:51:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (07/08/2015 04:51:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (07/08/2015 04:51:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswRvrt
aswSnx
aswSP
aswVmm
discache
spldr
Wanarpv6
Error: (07/08/2015 04:35:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (07/08/2015 04:24:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5
Error: (07/08/2015 04:24:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%2
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-08-26 20:33:05.355
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-01 00:29:13.691
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-06-12 20:10:37.390
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:10:37.294
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:07:21.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:07:21.523
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:05:21.761
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:05:21.660
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:03:34.484
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-12 20:03:34.388
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD A6-3410MX APU with Radeon HD Graphics
Percentage of memory in use: 34%
Total physical RAM: 5609.91 MB
Available physical RAM: 3681.68 MB
Total Virtual: 11218 MB
Available Virtual: 9085.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:578.95 GB) (Free:76.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.93 GB) (Free:1.85 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 22901E26)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=578.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of log ============================