Hi,
Thanks for answering. Here you go...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by caterpillar (administrator) on PUSSYWAGEN-PC on 16-07-2015 10:41:24
Running from C:\Users\caterpillar\Desktop
Loaded Profiles: caterpillar (Available Profiles: caterpillar & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SFR & Celliance) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCdService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
() C:\Windows\vsnpstd3.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1057792 2010-04-09] (Sphinx Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1006640 2011-10-27] (Synaptics, Inc.)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [Google Update] => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-16] (Google Inc.)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\MountPoints2: {ad78986b-48d4-11e3-9930-001e8c8f999c} - F:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-10-31] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-18] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-18] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{442648D2-4738-4085-B79D-F54F052F0193}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70042E70-6A40-4DA5-967B-9EECB2FF8C1E}: [DhcpNameServer] 172.20.10.1
FireFox:
========
FF ProfilePath: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=3 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-4090824617-66598808-4203011637-1000: @tools.google.com/Google Update;version=9 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\babelfish-translate-en--fr.xml [2011-10-14]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\duckduckgo.xml [2012-06-12]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-eng.xml [2011-10-20]
FF SearchPlugin: C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\searchplugins\leo-deu-fra.xml [2011-10-20]
FF Extension: German Dictionary - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: Ghostery - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2012-07-05]
FF Extension: Dictionnaire français «Moderne» - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-14]
FF Extension: LEOs Dictionaries - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-13]
FF Extension: SearchIMDB - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-11-03]
FF Extension: WikiLook - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\[email protected] [2011-10-14]
FF Extension: Nuke Anything Enhanced - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2012-01-21]
FF Extension: Adblock Plus - C:\Users\caterpillar\AppData\Roaming\Mozilla\Firefox\Profiles\cw3o20n4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2012-07-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube Video Downloader) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad [2013-07-01]
CHR Extension: (YouTube) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Adblock Plus) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2011-11-24]
CHR Extension: (Google Search) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (The Great Suspender) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2014-02-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Skype Click to Call) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-20]
CHR Extension: (Ghostery) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-11-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-12-21]
CHR Extension: (Gmail) - C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome - C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] () [File not signed]
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 ServiceSFRABCD; C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFRABCDService.exe [657536 2009-11-05] (SFR & Celliance)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [567808 2010-04-09] (Sphinx Software) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-07-15] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 hxctlflt; C:\Windows\System32\DRIVERS\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-09-10] (PixArt Imaging Inc.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [60416 2008-07-22] (Realtek Semiconductor Corporation )
S3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-02-24] (Samsung Electronics)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-16 10:41 - 2015-07-16 10:43 - 00019369 _____ C:\Users\caterpillar\Desktop\FRST.txt
2015-07-16 10:41 - 2015-07-16 10:41 - 00000000 ____D C:\Users\caterpillar\Desktop\FRST-OlderVersion
2015-07-15 08:43 - 2015-07-15 08:43 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-07-15 07:57 - 2015-07-16 09:56 - 00000168 _____ C:\Windows\setupact.log
2015-07-15 07:57 - 2015-07-15 07:57 - 00000000 _____ C:\Windows\setuperr.log
2015-07-11 07:24 - 2015-07-16 10:41 - 02133504 _____ (Farbar) C:\Users\caterpillar\Desktop\FRST64.exe
2015-07-11 07:21 - 2015-07-16 10:41 - 00000000 ____D C:\FRST
2015-07-08 12:46 - 2015-07-08 12:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-06-17 22:43 - 2015-06-17 22:46 - 00002900 _____ C:\Windows\system32\lic2.xml26045
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-16 10:43 - 2011-11-19 12:46 - 00003914 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA
2015-07-16 10:43 - 2011-11-19 12:46 - 00003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core
2015-07-16 10:43 - 2011-11-19 12:46 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-16 10:43 - 2011-11-19 12:46 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-16 10:11 - 2012-03-29 21:10 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{398CCD1A-C1E8-44C4-B3FE-D7B7EE539EA3}
2015-07-16 10:05 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-16 10:05 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-16 10:01 - 2014-12-21 13:59 - 01887931 _____ C:\Windows\WindowsUpdate.log
2015-07-16 09:59 - 2013-02-16 14:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 09:59 - 2013-02-16 14:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-16 09:59 - 2012-04-07 11:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 09:59 - 2011-10-18 14:30 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 09:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-07-16 09:56 - 2012-09-11 13:10 - 00000000 ____D C:\HebRechw
2015-07-16 09:56 - 2012-03-27 17:49 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-16 09:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 15:02 - 2011-10-27 16:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-15 14:52 - 2011-11-01 12:41 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job
2015-07-15 14:52 - 2011-11-01 12:41 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job
2015-07-10 13:18 - 2012-07-29 18:03 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2015-07-10 11:23 - 2011-10-16 15:21 - 00000000 ____D C:\Windows\Minidump
2015-07-10 09:27 - 2011-11-09 14:25 - 00000000 ____D C:\Program Files\CCleaner
2015-07-09 15:59 - 2011-11-09 15:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-06-23 12:40 - 2011-10-13 14:50 - 00000000 ____D C:\Users\caterpillar\AppData\Roaming\Skype
2015-06-17 23:29 - 2011-11-09 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
==================== Files in the root of some directories =======
2012-04-05 16:18 - 2012-04-05 16:18 - 0000600 _____ () C:\Users\caterpillar\AppData\Local\PUTTY.RND
2014-12-18 22:24 - 2015-02-20 12:16 - 0007602 _____ () C:\Users\caterpillar\AppData\Local\Resmon.ResmonCfg
2014-12-21 15:15 - 2014-12-21 15:15 - 0044134 _____ () C:\ProgramData\1419167682.bdinstall.bin
2014-12-21 16:11 - 2014-12-21 16:11 - 0215893 _____ () C:\ProgramData\1419170914.bdinstall.bin
Some files in TEMP:
====================
C:\Users\caterpillar\AppData\Local\Temp\GUR22D5.exe
C:\Users\caterpillar\AppData\Local\Temp\{F06308A6-CA8A-47CC-8E26-5D1067451EFA}-43.0.2357.81_chrome_installer.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 13:27
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by caterpillar at 2015-07-16 10:46:19
Running from C:\Users\caterpillar\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4090824617-66598808-4203011637-500 - Administrator - Enabled) => C:\Users\Administrator
caterpillar (S-1-5-21-4090824617-66598808-4203011637-1000 - Administrator - Enabled) => C:\Users\caterpillar
Guest (S-1-5-21-4090824617-66598808-4203011637-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.46.0007 - Brother)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Dropbox) (Version: 1.2.52 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gestionnaire de Connexion 3G SFR 2009.11 (HKLM-x32\...\Gestionnaire de Connexion 3G SFR_is1) (Version: - )
Google Chrome (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
HebRech HebRechw (HKLM-x32\...\{09180703-87F3-4F34-9354-FE1B2ED47AE2}) (Version: 0 - )
Hercules Link (HKLM-x32\...\{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}) (Version: 4.0.2.1 - Hercules)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NSS (remove only) (HKLM-x32\...\NSS) (Version: 1.0.38.15 - B-Phreaks Ltd)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
pdfforge PDFArchitect 0.5.5.509 (HKLM\...\{00070886-D6C6-423C-B5A7-3298ABF20E11}) (Version: 0.5.5.509 - pdfforge GbR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.03 - RICOH)
SequoiaView (HKLM-x32\...\SequoiaView) (Version: - )
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.622 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows7FirewallControl (x64) 3.5.1.131 (HKLM\...\Windows7FirewallControl_is1) (Version: 3.5.1.131 - Sphinx Software)
Xtra Controller Ex (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 4.0.2.1 - Hercules)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\caterpillar\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4090824617-66598808-4203011637-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EC04ED6-188C-41A5-8EED-DD9CF3863BA4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {0EE97BCE-86EC-493A-B6F5-161FD38FB1A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {23DF15F3-422F-4F6F-90AB-6DF044C29C8E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {3A708A68-D12E-45D3-9E1F-B41AF053F345} - System32\Tasks\LogonScreenRotator => C:\LogonScreenRotator\LogonScreenRotator.exe [2009-06-04] (luke_smily_face)
Task: {484BA8D2-8B57-4848-950D-B2B3FE82E857} - System32\Tasks\{E3E9C592-3124-42E8-B618-5F65FC29C186} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbruntime\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop\vbruntime
Task: {566E263D-B41A-4D51-B86D-E42F687176AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {65AFD2A5-8885-4461-99AE-B42EAE6B6858} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {7C6477DB-5EE1-470D-A6EE-348D71CB69C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {811F0C7E-C18D-462D-82BD-8AF5734A1AA2} - System32\Tasks\{93F8DABF-18E9-4193-82C9-2E72661B1FAB} => pcalua.exe -a C:\Users\caterpillar\Desktop\vbrun60sp6.exe -d C:\Users\caterpillar\Desktop
Task: {A35CB71F-76C7-4D54-B158-FE075A77CE24} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {A4CB8D2A-FADA-445B-9A53-F0B288A24590} - System32\Tasks\{3B9B2345-DC26-4096-ABEB-F2A90A1DEDE1} => pcalua.exe -a "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver\OEMINF.EXE" -d "C:\Users\caterpillar\Downloads\Epson Stylus DX5050\driver"
Task: {D6E05D3F-2873-40EF-A62B-E3387B10C750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F0E52FC8-1834-4BEA-BB71-A24B5AEBAD19} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2009-06-30] (Microsoft Corporation)
Task: {FE00D8A8-4697-47B8-BE09-132187F0BD52} - System32\Tasks\{A14B3FDE-A140-424B-B128-8FAE632DF171} => pcalua.exe -a "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team\Nero-10.0.13100.exe" -d "C:\Users\Administrator\Desktop\Nero 10.0 + Serials en Keygen - DivXNL-Team"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000Core.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090824617-66598808-4203011637-1000UA.job => C:\Users\caterpillar\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Loaded Modules (Whitelisted) ==============
2014-12-21 16:11 - 2013-03-19 13:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-12-21 16:11 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-06-28 10:12 - 2013-06-28 10:12 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2011-06-22 08:42 - 2011-06-22 08:42 - 00034304 _____ () C:\Windows\System32\ssp4ml6.dll
2012-08-14 13:20 - 2010-09-15 15:01 - 00065536 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2006-09-19 09:07 - 2006-09-19 09:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-15 08:51 - 2015-07-13 23:55 - 16308040 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 02:37 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\caterpillar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\caterpillar\Desktop\qsinstaller.exe:BDU
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4090824617-66598808-4203011637-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4090824617-66598808-4203011637-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\caterpillar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\caterpillar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{29C63AF6-7554-4230-B623-C083CA4AA6F4}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [UDP Query User{2A71554E-B772-4E3A-88B5-07962A1699A6}C:\program files (x86)\wakeup! 1.0\wake.exe] => (Allow) C:\program files (x86)\wakeup! 1.0\wake.exe
FirewallRules: [{20CE2189-8561-4DC1-A9A2-8D6B511AFBC1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4A962C6B-65F9-4828-A834-FECE98D5B7F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4A53AA6-8BC2-4410-86BB-7BF1A9C52F3A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{924BFD28-A6A6-40AE-9D63-A10CE3583C93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D10381E9-05A3-4FE5-9E00-3344F64115EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{07D754C5-8E3E-497F-827F-5B08878C518C}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{27553903-B3E5-4496-A434-991AC751D6EF}] => (Allow) C:\Users\caterpillar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{423A68B1-966C-48FD-A238-B3308D50213D}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{CAA406A7-488D-46A4-A6E5-06DAA2003487}] => (Allow) C:\Program Files (x86)\SFR\Gestionnaire de Connexion 3G SFR\SFR_Dialer_3G.exe
FirewallRules: [{1C599B99-6258-4C12-8F92-28BB2CB2E99F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{7ED0BFF0-A5D2-4F7A-8DB2-5992A9E3220D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{93B40AD7-0BBA-45DC-AD3F-13143CD203A7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{A6600325-FD49-45E7-A900-10087849286C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C2F81A32-F58C-4688-8544-893A85BBFE4E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E3628B74-0891-4643-8F55-15210D222BA5}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{088AE719-DD37-40F8-8028-ED123F52AE42}] => (Allow) C:\Users\caterpillar\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{20E5B485-D8AB-40A2-8A26-0187B627084F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{BB5A52F4-99F3-42CD-8D88-CABFDA54201F}] => (Allow) C:\Users\caterpillar\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Motorola SM56 Data Fax Modem
Description: Motorola SM56 Data Fax Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Motorola Inc
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/16/2015 09:58:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2015 01:58:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14656
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14656
Error: (07/15/2015 01:34:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/15/2015 07:59:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2015 07:43:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2015 07:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 55078
Error: (07/14/2015 07:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 55078
Error: (07/14/2015 07:10:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (07/16/2015 10:45:32 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (07/16/2015 09:56:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error:
%%2
Error: (07/16/2015 09:56:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2
Error: (07/15/2015 02:53:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (07/15/2015 01:57:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error:
%%2
Error: (07/15/2015 01:57:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2
Error: (07/15/2015 01:33:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.
Error: (07/15/2015 07:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SSPORT service failed to start due to the following error:
%%2
Error: (07/15/2015 07:58:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2
Error: (07/15/2015 07:57:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:50:57 on 14/07/2015 was unexpected.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 77%
Total physical RAM: 1919.27 MB
Available physical RAM: 426.34 MB
Total Virtual: 3838.55 MB
Available Virtual: 758.66 MB
==================== Drives ================================
Drive c: (w7) (Fixed) (Total:29.3 GB) (Free:0.52 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (ants) (Fixed) (Total:43.95 GB) (Free:12.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 000DAD2F)
Partition 1: (Not Active) - (Size=1 GB) - (Type=83)
Partition 2: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=37.5 GB) - (Type=05)
==================== End of log ============================
thx for your time.