CCleaner hangs computer at 24% + computer ultra slow [Closed]



#1
caterpillar


Hi,

Problem: computer ultra slow when starting, closing, all the time.

Tried to uninstall programs, clean the computer with CCleaner, but since a week ago it just blocks the whole computer.

Probably should reinstall Windows but no time and energy, and am hoping you will get me out of this.

Thx a lot

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by caterpillar (administrator) on PUSSYWAGEN-PC on 11-07-2015 07:25:59
Running from C:\Users\caterpillar\Desktop
Loaded Profiles: caterpillar (Available Profiles: caterpillar & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SFR & Celliance) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCdService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
() C:\Windows\vsnpstd3.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1057792 2010-04-09] (Sphinx Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1006640 2011-10-27] (Synaptics, Inc.)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [Google Update] => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-16] (Google Inc.)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\MountPoints2: {ad78986b-48d4-11e3-9930-001e8c8f999c} - F:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4090824617-66598808-4203011637-1000 -> {0B64B024-4502-4BAB-A8DA-4EC202023E2B} URL = http://www.google.co...rchTerms}&meta=
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{442648D2-4738-4085-B79D-F54F052F0193}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70042E70-6A40-4DA5-967B-9EECB2FF8C1E}: [DhcpNameServer] 172.20.10.1
 
FireFox:
========
FF ProfilePath: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=3 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=9 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\babelfish-translate-en--fr.xml [2011-10-14]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\duckduckgo.xml [2012-06-12]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-eng.xml [2011-10-20]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-fra.xml [2011-10-20]
FF Extension: German Dictionary - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: Ghostery - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2012-07-05]
FF Extension: Dictionnaire français «Moderne» - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: LEOs Dictionaries - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-13]
FF Extension: SearchIMDB - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-03]
FF Extension: WikiLook - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-14]
FF Extension: Nuke Anything Enhanced - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2012-01-21]
FF Extension: Adblock Plus - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2012-07-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube Video Downloader) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad [2013-07-01]
CHR Extension: (YouTube) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Adblock Plus) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2011-11-24]
CHR Extension: (Google Search) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (The Great Suspender) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2014-02-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Skype Click to Call) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-20]
CHR Extension: (Ghostery) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-11-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-12-21]
CHR Extension: (Gmail) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome - C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] () [File not signed]
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 ServiceSFRABCD; C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCDService.exe [657536 2009-11-05] (SFR & Celliance)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [567808 2010-04-09] (Sphinx Software) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-07-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 hxctlflt; C:\Windows\System32\DRIVERS\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-09-10] (PixArt Imaging Inc.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [60416 2008-07-22] (Realtek Semiconductor Corporation                           )
S3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-02-24] (Samsung Electronics)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-11 07:25 - 2015-07-11 07:27 - 00018839 _____ C:\Users\caterpillar\Desktop\FRST.txt
2015-07-11 07:24 - 2015-07-11 07:24 - 02112512 _____ (Farbar) C:\Users\caterpillar\Desktop\FRST64.exe
2015-07-11 07:21 - 2015-07-11 07:26 - 00000000 ____D C:\FRST
2015-07-10 14:15 - 2015-07-10 14:15 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-07-10 13:36 - 2015-07-11 06:41 - 00000224 _____ C:\Windows\setupact.log
2015-07-10 13:36 - 2015-07-10 13:36 - 00000000 _____ C:\Windows\setuperr.log
2015-07-08 12:46 - 2015-07-08 12:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-06-17 22:43 - 2015-06-17 22:46 - 00002900 _____ C:\Windows\system32\lic2.xml26045
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-11 07:27 - 2014-12-21 13:59 - 01631065 _____ C:\Windows\WindowsUpdate.log
2015-07-11 07:22 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 07:22 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 06:59 - 2013-02-16 14:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-11 06:40 - 2011-11-19 12:46 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-11 05:52 - 2011-11-01 12:41 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-11 05:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-07-10 22:59 - 2013-02-16 14:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-10 22:59 - 2012-04-07 11:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-10 22:59 - 2011-10-18 14:30 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-10 21:20 - 2012-03-27 17:49 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-10 21:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 14:52 - 2011-11-01 12:41 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-10 14:14 - 2012-03-29 21:10 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{398CCD1A-C1E8-44C4-B3FE-D7B7EE539EA3}
2015-07-10 13:18 - 2012-07-29 18:03 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2015-07-10 11:23 - 2011-10-16 15:21 - 00000000 ____D C:\Windows\Minidump
2015-07-10 09:27 - 2011-11-09 14:25 - 00000000 ____D C:\Program Files\CCleaner
2015-07-09 15:59 - 2011-11-09 15:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-07-09 11:46 - 2011-11-19 12:46 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-02 23:22 - 2012-09-11 13:10 - 00000000 ____D C:\HebRechw
2015-07-01 15:06 - 2011-10-27 16:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-23 12:40 - 2011-10-13 14:50 - 00000000 ____D C:\Users\caterpillar\AppData\Roaming\Skype
2015-06-17 23:29 - 2011-11-09 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
 
==================== Files in the root of some directories =======
 
2012-04-05 16:18 - 2012-04-05 16:18 - 0000600 _____ () C:\Users\caterpillar\AppData\Local\PUTTY.RND
2014-12-18 22:24 - 2015-02-20 12:16 - 0007602 _____ () C:\Users\caterpillar\AppData\Local\Resmon.ResmonCfg
2014-12-21 15:15 - 2014-12-21 15:15 - 0044134 _____ () C:\ProgramData\1419167682.bdinstall.bin
2014-12-21 16:11 - 2014-12-21 16:11 - 0215893 _____ () C:\ProgramData\1419170914.bdinstall.bin
 
Some files in TEMP:
====================
C:\Users\caterpillar\AppData\Local\Temp\GUR22D5.exe
C:\Users\caterpillar\AppData\Local\Temp\{F06308A6-CA8A-47CC-8E26-5D1067451EFA}-43.0.2357.81_chrome_installer.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-08 13:49
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by caterpillar at 2015-07-11 07:28:22
Running from C:\Users\caterpillar\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4090824617-66598808-4203011637-500 - Administrator - Enabled) => C:\Users\Administrator
caterpillar (S-1-5-21-4090824617-66598808-4203011637-1000 - Administrator - Enabled) => C:\Users\caterpillar
Guest (S-1-5-21-4090824617-66598808-4203011637-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.46.0007 - Brother)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Dropbox) (Version: 1.2.52 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gestionnaire de Connexion 3G SFR 2009.11 (HKLM-x32\...\Gestionnaire de Connexion 3G SFR_is1) (Version:  - )
Google Chrome (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
HebRech HebRechw (HKLM-x32\...\{09180703-87F3-4F34-9354-FE1B2ED47AE2}) (Version: 0 - )
Hercules Link (HKLM-x32\...\{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}) (Version: 4.0.2.1 - Hercules)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NSS (remove only) (HKLM-x32\...\NSS) (Version: 1.0.38.15 - B-Phreaks Ltd)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
pdfforge PDFArchitect 0.5.5.509 (HKLM\...\{00070886-D6C6-423C-B5A7-3298ABF20E11}) (Version: 0.5.5.509 - pdfforge GbR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.03 - RICOH)
SequoiaView (HKLM-x32\...\SequoiaView) (Version:  - )
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.622  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows7FirewallControl (x64) 3.5.1.131 (HKLM\...\Windows7FirewallControl_is1) (Version: 3.5.1.131 - Sphinx Software)
Xtra Controller Ex (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 4.0.2.1 - Hercules)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
10-07-2015 22:54:03 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EC04ED6-188C-41A5-8EED-DD9CF3863BA4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {0EE97BCE-86EC-493A-B6F5-161FD38FB1A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {23DF15F3-422F-4F6F-90AB-6DF044C29C8E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3A708A68-D12E-45D3-9E1F-B41AF053F345} - System32\Tasks\LogonScreenRotator => C:\LogonScreenRotator\LogonScreenRotator.exe [2009-06-04] (luke_smily_face)
Task: {484BA8D2-8B57-4848-950D-B2B3FE82E857} - System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbruntime\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop\vbruntime
Task: {566E263D-B41A-4D51-B86D-E42F687176AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {65AFD2A5-8885-4461-99AE-B42EAE6B6858} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10] (Adobe Systems Incorporated)
Task: {7C6477DB-5EE1-470D-A6EE-348D71CB69C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {811F0C7E-C18D-462D-82BD-8AF5734A1AA2} - System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop
Task: {9CF0836F-F557-480A-8453-6F2196FD9FA0} - System32\Tasks\{3F5A0CC4-7995-49DA-805A-22344F3DFB60} => Iexplore.exe http://ui.skype.com/...;LastError=1618
Task: {A35CB71F-76C7-4D54-B158-FE075A77CE24} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {A4CB8D2A-FADA-445B-9A53-F0B288A24590} - System32\Tasks\{3B9B2345-DC26-4096-ABEB-F2A90A1DEDE1} => pcalua.exe -a "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver\OEMINF.EXE" -d "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver"
Task: {D6E05D3F-2873-40EF-A62B-E3387B10C750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F0E52FC8-1834-4BEA-BB71-A24B5AEBAD19} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2009-06-30] (Microsoft Corporation)
Task: {F1178F98-6F30-4A9F-B479-16FCBBFF7C1B} - System32\Tasks\{80B7C45F-D564-4D0B-AB60-4CCED258D839} => Iexplore.exe http://ui.skype.com/...ed-notinstalled
Task: {FE00D8A8-4697-47B8-BE09-132187F0BD52} - System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => pcalua.exe -a "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team\Nero-10.0.13100.exe" -d "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-12-21 16:11 - 2013-03-19 13:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-12-21 16:11 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-06-28 10:12 - 2013-06-28 10:12 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2011-06-22 08:42 - 2011-06-22 08:42 - 00034304 _____ () C:\Windows\System32\ssp4ml6.dll
2012-08-14 13:20 - 2010-09-15 15:01 - 00065536 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2006-09-19 09:07 - 2006-09-19 09:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\caterpillar\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\caterpillar\Desktop\qsinstaller.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\caterpillar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{29C63AF6-7554-4230-B623-C083CA4AA6F4}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [UDP Query User{2A71554E-B772-4E3A-88B5-07962A1699A6}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [{20CE2189-8561-4DC1-A9A2-8D6B511AFBC1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A962C6B-65F9-4828-A834-FECE98D5B7F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4A53AA6-8BC2-4410-86BB-7BF1A9C52F3A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{924BFD28-A6A6-40AE-9D63-A10CE3583C93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D10381E9-05A3-4FE5-9E00-3344F64115EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{07D754C5-8E3E-497F-827F-5B08878C518C}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{27553903-B3E5-4496-A434-991AC751D6EF}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{423A68B1-966C-48FD-A238-B3308D50213D}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{CAA406A7-488D-46A4-A6E5-06DAA2003487}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{1C599B99-6258-4C12-8F92-28BB2CB2E99F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{7ED0BFF0-A5D2-4F7A-8DB2-5992A9E3220D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{93B40AD7-0BBA-45DC-AD3F-13143CD203A7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{A6600325-FD49-45E7-A900-10087849286C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C2F81A32-F58C-4688-8544-893A85BBFE4E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E3628B74-0891-4643-8F55-15210D222BA5}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{088AE719-DD37-40F8-8028-ED123F52AE42}] => (Allow) C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{20E5B485-D8AB-40A2-8A26-0187B627084F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{BB5A52F4-99F3-42CD-8D88-CABFDA54201F}] => (Allow) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Motorola SM56 Data Fax Modem
Description: Motorola SM56 Data Fax Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Motorola Inc
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/11/2015 06:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15141
 
Error: (07/11/2015 06:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15141
 
Error: (07/11/2015 06:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2015 10:12:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 123516
 
Error: (07/10/2015 10:12:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 123516
 
Error: (07/10/2015 10:12:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2015 10:10:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14625
 
Error: (07/10/2015 10:10:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14625
 
Error: (07/10/2015 10:10:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2015 09:21:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (07/10/2015 10:12:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/10/2015 09:20:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 09:20:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 02:10:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 02:09:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 02:09:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:08:24 on ‎10/‎07/‎2015 was unexpected.
 
Error: (07/10/2015 01:37:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (07/10/2015 01:37:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (07/10/2015 01:37:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 01:37:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 1919.27 MB
Available physical RAM: 588.32 MB
Total Virtual: 3838.55 MB
Available Virtual: 1611.89 MB
 
==================== Drives ================================
 
Drive c: (w7) (Fixed) (Total:29.3 GB) (Free:0.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (ants) (Fixed) (Total:43.95 GB) (Free:12.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 000DAD2F)
Partition 1: (Not Active) - (Size=1 GB) - (Type=83)
Partition 2: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=37.5 GB) - (Type=05)
 
==================== End of log ============================

 

 




#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, sorry for the delay. If you still require assistance could you post a fresh FRST scan please

#3
caterpillar


    New Member

  • Topic Starter
  • Member
  • 4 posts

hi,

thx for answering. here u go....

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015

Ran by caterpillar (administrator) on PUSSYWAGEN-PC on 16-07-2015 10:41:24
Running from C:\Users\caterpillar\Desktop
Loaded Profiles: caterpillar (Available Profiles: caterpillar & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SFR & Celliance) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCdService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
() C:\Windows\vsnpstd3.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1057792 2010-04-09] (Sphinx Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1006640 2011-10-27] (Synaptics, Inc.)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [Google Update] => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-16] (Google Inc.)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\MountPoints2: {ad78986b-48d4-11e3-9930-001e8c8f999c} - F:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4090824617-66598808-4203011637-1000 -> {0B64B024-4502-4BAB-A8DA-4EC202023E2B} URL = http://www.google.co...rchTerms}&meta=
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{442648D2-4738-4085-B79D-F54F052F0193}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70042E70-6A40-4DA5-967B-9EECB2FF8C1E}: [DhcpNameServer] 172.20.10.1
 
FireFox:
========
FF ProfilePath: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=3 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=9 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\babelfish-translate-en--fr.xml [2011-10-14]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\duckduckgo.xml [2012-06-12]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-eng.xml [2011-10-20]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-fra.xml [2011-10-20]
FF Extension: German Dictionary - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: Ghostery - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2012-07-05]
FF Extension: Dictionnaire français «Moderne» - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: LEOs Dictionaries - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-13]
FF Extension: SearchIMDB - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-03]
FF Extension: WikiLook - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-14]
FF Extension: Nuke Anything Enhanced - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2012-01-21]
FF Extension: Adblock Plus - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2012-07-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube Video Downloader) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad [2013-07-01]
CHR Extension: (YouTube) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Adblock Plus) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2011-11-24]
CHR Extension: (Google Search) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (The Great Suspender) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2014-02-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Skype Click to Call) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-20]
CHR Extension: (Ghostery) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-11-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-12-21]
CHR Extension: (Gmail) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome - C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] () [File not signed]
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 ServiceSFRABCD; C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCDService.exe [657536 2009-11-05] (SFR & Celliance)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [567808 2010-04-09] (Sphinx Software) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-07-15] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 hxctlflt; C:\Windows\System32\DRIVERS\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-09-10] (PixArt Imaging Inc.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [60416 2008-07-22] (Realtek Semiconductor Corporation                           )
S3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-02-24] (Samsung Electronics)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-16 10:41 - 2015-07-16 10:43 - 00019369 _____ C:\Users\caterpillar\Desktop\FRST.txt
2015-07-16 10:41 - 2015-07-16 10:41 - 00000000 ____D C:\Users\caterpillar\Desktop\FRST-OlderVersion
2015-07-15 08:43 - 2015-07-15 08:43 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-07-15 07:57 - 2015-07-16 09:56 - 00000168 _____ C:\Windows\setupact.log
2015-07-15 07:57 - 2015-07-15 07:57 - 00000000 _____ C:\Windows\setuperr.log
2015-07-11 07:24 - 2015-07-16 10:41 - 02133504 _____ (Farbar) C:\Users\caterpillar\Desktop\FRST64.exe
2015-07-11 07:21 - 2015-07-16 10:41 - 00000000 ____D C:\FRST
2015-07-08 12:46 - 2015-07-08 12:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-06-17 22:43 - 2015-06-17 22:46 - 00002900 _____ C:\Windows\system32\lic2.xml26045
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-16 10:43 - 2011-11-19 12:46 - 00003914 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA
2015-07-16 10:43 - 2011-11-19 12:46 - 00003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core
2015-07-16 10:43 - 2011-11-19 12:46 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-16 10:43 - 2011-11-19 12:46 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-16 10:11 - 2012-03-29 21:10 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{398CCD1A-C1E8-44C4-B3FE-D7B7EE539EA3}
2015-07-16 10:05 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-16 10:05 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-16 10:01 - 2014-12-21 13:59 - 01887931 _____ C:\Windows\WindowsUpdate.log
2015-07-16 09:59 - 2013-02-16 14:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 09:59 - 2013-02-16 14:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-16 09:59 - 2012-04-07 11:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 09:59 - 2011-10-18 14:30 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 09:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-07-16 09:56 - 2012-09-11 13:10 - 00000000 ____D C:\HebRechw
2015-07-16 09:56 - 2012-03-27 17:49 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-16 09:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 15:02 - 2011-10-27 16:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-15 14:52 - 2011-11-01 12:41 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-15 14:52 - 2011-11-01 12:41 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-10 13:18 - 2012-07-29 18:03 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2015-07-10 11:23 - 2011-10-16 15:21 - 00000000 ____D C:\Windows\Minidump
2015-07-10 09:27 - 2011-11-09 14:25 - 00000000 ____D C:\Program Files\CCleaner
2015-07-09 15:59 - 2011-11-09 15:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-06-23 12:40 - 2011-10-13 14:50 - 00000000 ____D C:\Users\caterpillar\AppData\Roaming\Skype
2015-06-17 23:29 - 2011-11-09 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
 
==================== Files in the root of some directories =======
 
2012-04-05 16:18 - 2012-04-05 16:18 - 0000600 _____ () C:\Users\caterpillar\AppData\Local\PUTTY.RND
2014-12-18 22:24 - 2015-02-20 12:16 - 0007602 _____ () C:\Users\caterpillar\AppData\Local\Resmon.ResmonCfg
2014-12-21 15:15 - 2014-12-21 15:15 - 0044134 _____ () C:\ProgramData\1419167682.bdinstall.bin
2014-12-21 16:11 - 2014-12-21 16:11 - 0215893 _____ () C:\ProgramData\1419170914.bdinstall.bin
 
Some files in TEMP:
====================
C:\Users\caterpillar\AppData\Local\Temp\GUR22D5.exe
C:\Users\caterpillar\AppData\Local\Temp\{F06308A6-CA8A-47CC-8E26-5D1067451EFA}-43.0.2357.81_chrome_installer.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-13 13:27
 
==================== End of log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by caterpillar at 2015-07-16 10:46:19
Running from C:\Users\caterpillar\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4090824617-66598808-4203011637-500 - Administrator - Enabled) => C:\Users\Administrator
caterpillar (S-1-5-21-4090824617-66598808-4203011637-1000 - Administrator - Enabled) => C:\Users\caterpillar
Guest (S-1-5-21-4090824617-66598808-4203011637-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.46.0007 - Brother)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Dropbox) (Version: 1.2.52 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gestionnaire de Connexion 3G SFR 2009.11 (HKLM-x32\...\Gestionnaire de Connexion 3G SFR_is1) (Version:  - )
Google Chrome (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
HebRech HebRechw (HKLM-x32\...\{09180703-87F3-4F34-9354-FE1B2ED47AE2}) (Version: 0 - )
Hercules Link (HKLM-x32\...\{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}) (Version: 4.0.2.1 - Hercules)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NSS (remove only) (HKLM-x32\...\NSS) (Version: 1.0.38.15 - B-Phreaks Ltd)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
pdfforge PDFArchitect 0.5.5.509 (HKLM\...\{00070886-D6C6-423C-B5A7-3298ABF20E11}) (Version: 0.5.5.509 - pdfforge GbR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.03 - RICOH)
SequoiaView (HKLM-x32\...\SequoiaView) (Version:  - )
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.622  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows7FirewallControl (x64) 3.5.1.131 (HKLM\...\Windows7FirewallControl_is1) (Version: 3.5.1.131 - Sphinx Software)
Xtra Controller Ex (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 4.0.2.1 - Hercules)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EC04ED6-188C-41A5-8EED-DD9CF3863BA4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {0EE97BCE-86EC-493A-B6F5-161FD38FB1A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {23DF15F3-422F-4F6F-90AB-6DF044C29C8E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3A708A68-D12E-45D3-9E1F-B41AF053F345} - System32\Tasks\LogonScreenRotator => C:\LogonScreenRotator\LogonScreenRotator.exe [2009-06-04] (luke_smily_face)
Task: {484BA8D2-8B57-4848-950D-B2B3FE82E857} - System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbruntime\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop\vbruntime
Task: {566E263D-B41A-4D51-B86D-E42F687176AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {65AFD2A5-8885-4461-99AE-B42EAE6B6858} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {7C6477DB-5EE1-470D-A6EE-348D71CB69C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {811F0C7E-C18D-462D-82BD-8AF5734A1AA2} - System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop
Task: {9CF0836F-F557-480A-8453-6F2196FD9FA0} - System32\Tasks\{3F5A0CC4-7995-49DA-805A-22344F3DFB60} => Iexplore.exe http://ui.skype.com/...;LastError=1618
Task: {A35CB71F-76C7-4D54-B158-FE075A77CE24} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {A4CB8D2A-FADA-445B-9A53-F0B288A24590} - System32\Tasks\{3B9B2345-DC26-4096-ABEB-F2A90A1DEDE1} => pcalua.exe -a "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver\OEMINF.EXE" -d "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver"
Task: {D6E05D3F-2873-40EF-A62B-E3387B10C750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F0E52FC8-1834-4BEA-BB71-A24B5AEBAD19} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2009-06-30] (Microsoft Corporation)
Task: {F1178F98-6F30-4A9F-B479-16FCBBFF7C1B} - System32\Tasks\{80B7C45F-D564-4D0B-AB60-4CCED258D839} => Iexplore.exe http://ui.skype.com/...ed-notinstalled
Task: {FE00D8A8-4697-47B8-BE09-132187F0BD52} - System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => pcalua.exe -a "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team\Nero-10.0.13100.exe" -d "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-12-21 16:11 - 2013-03-19 13:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-12-21 16:11 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-06-28 10:12 - 2013-06-28 10:12 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2011-06-22 08:42 - 2011-06-22 08:42 - 00034304 _____ () C:\Windows\System32\ssp4ml6.dll
2012-08-14 13:20 - 2010-09-15 15:01 - 00065536 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2006-09-19 09:07 - 2006-09-19 09:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-15 08:51 - 2015-07-13 23:55 - 16308040 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\caterpillar\Desktop\qsinstaller.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\caterpillar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{29C63AF6-7554-4230-B623-C083CA4AA6F4}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [UDP Query User{2A71554E-B772-4E3A-88B5-07962A1699A6}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [{20CE2189-8561-4DC1-A9A2-8D6B511AFBC1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A962C6B-65F9-4828-A834-FECE98D5B7F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4A53AA6-8BC2-4410-86BB-7BF1A9C52F3A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{924BFD28-A6A6-40AE-9D63-A10CE3583C93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D10381E9-05A3-4FE5-9E00-3344F64115EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{07D754C5-8E3E-497F-827F-5B08878C518C}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{27553903-B3E5-4496-A434-991AC751D6EF}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{423A68B1-966C-48FD-A238-B3308D50213D}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{CAA406A7-488D-46A4-A6E5-06DAA2003487}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{1C599B99-6258-4C12-8F92-28BB2CB2E99F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{7ED0BFF0-A5D2-4F7A-8DB2-5992A9E3220D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{93B40AD7-0BBA-45DC-AD3F-13143CD203A7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{A6600325-FD49-45E7-A900-10087849286C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C2F81A32-F58C-4688-8544-893A85BBFE4E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E3628B74-0891-4643-8F55-15210D222BA5}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{088AE719-DD37-40F8-8028-ED123F52AE42}] => (Allow) C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{20E5B485-D8AB-40A2-8A26-0187B627084F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{BB5A52F4-99F3-42CD-8D88-CABFDA54201F}] => (Allow) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Motorola SM56 Data Fax Modem
Description: Motorola SM56 Data Fax Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Motorola Inc
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/16/2015 09:58:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/15/2015 01:58:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14656
 
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14656
 
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/15/2015 07:59:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2015 07:43:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2015 07:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 55078
 
Error: (07/14/2015 07:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 55078
 
Error: (07/14/2015 07:10:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (07/16/2015 10:45:32 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/16/2015 09:56:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/16/2015 09:56:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
Error: (07/15/2015 02:53:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/15/2015 01:57:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/15/2015 01:57:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
Error: (07/15/2015 01:33:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.
 
Error: (07/15/2015 07:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error: 
%%2
 
Error: (07/15/2015 07:58:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
Error: (07/15/2015 07:57:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:50:57 on ‎14/‎07/‎2015 was unexpected.
 
 
Microsoft Office:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 77%
Total physical RAM: 1919.27 MB
Available physical RAM: 426.34 MB
Total Virtual: 3838.55 MB
Available Virtual: 758.66 MB
 
==================== Drives ================================
 
Drive c: (w7) (Fixed) (Total:29.3 GB) (Free:0.52 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (ants) (Fixed) (Total:43.95 GB) (Free:12.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 000DAD2F)
Partition 1: (Not Active) - (Size=1 GB) - (Type=83)
Partition 2: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=37.5 GB) - (Type=05)
 
==================== End of log ============================
 
thx for your time.

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This is the main problem:

Drive c: (w7) (Fixed) (Total:29.3 GB) (Free:0.52 GB) NTFS ==>[drive with boot components (obtained from BCD)]

You do not have sufficient drive space left for the system to function correctly.

You have two further partitions where you can copy some files over to. But, realistically, you need at least 3GB free on your C drive.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Task: {484BA8D2-8B57-4848-950D-B2B3FE82E857} - System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbruntime\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop\vbruntime
Task: {811F0C7E-C18D-462D-82BD-8AF5734A1AA2} - System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop
Task: {FE00D8A8-4697-47B8-BE09-132187F0BD52} - System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => pcalua.exe -a "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team\Nero-10.0.13100.exe" -d "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team"
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

#5
caterpillar

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

here you go,

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by caterpillar at 2015-07-17 09:33:09 Run:1
Running from C:\Users\caterpillar\Desktop
Loaded Profiles: caterpillar (Available Profiles: caterpillar & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Task: {484BA8D2-8B57-4848-950D-B2B3FE82E857} - System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbruntime\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop\vbruntime
Task: {811F0C7E-C18D-462D-82BD-8AF5734A1AA2} - System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop
Task: {FE00D8A8-4697-47B8-BE09-132187F0BD52} - System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => pcalua.exe -a "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team\Nero-10.0.13100.exe" -d "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team"
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => key removed successfully
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => key not found. 
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{484BA8D2-8B57-4848-950D-B2B3FE82E857}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{484BA8D2-8B57-4848-950D-B2B3FE82E857}" => key removed successfully
C:\Windows\System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E3E9C592-3124-42E8-B618-5F65FC29C186}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{811F0C7E-C18D-462D-82BD-8AF5734A1AA2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{811F0C7E-C18D-462D-82BD-8AF5734A1AA2}" => key removed successfully
C:\Windows\System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{93F8DABF-18E9-4193-82C9-2E72661B1FAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE00D8A8-4697-47B8-BE09-132187F0BD52}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE00D8A8-4697-47B8-BE09-132187F0BD52}" => key removed successfully
C:\Windows\System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A14B3FDE-A140-424B-B128-8FAE632DF171}" => key removed successfully
C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => moved successfully.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {0CE046E6-B865-4602-90B1-B3B321F74D1B}.
{5292245C-E8A6-4C7D-AFBA-86995A520C01} canceled.
{12002945-F482-4CB2-B66B-E109943C67A1} canceled.
{BBB4FE91-1884-4E2C-BD75-D9A84D9EAD35} canceled.
3 out of 4 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 2.1 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 09:35:40 ====
 
thx again


#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, that cleared just over 2GB. How is the computer behaving now?

#7
caterpillar

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

it's a start. thx a lot.

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is CC able to run now?

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

