Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Very slow computer [Closed]


  • This topic is locked This topic is locked

#1
Kristina

Kristina

    Member

  • Member
  • PipPipPip
  • 319 posts

Hello! My computer has been running very slow the past months. It has a slow startup, slow Internet and it slows down quickly if I multitask. Some months ago I got some virus notifications from Avira, so maybe these played a role in the infection.

 

I have tried several solutions. I cleaned it with Panda Cloud Cleaner, which repaired some problems in regkeys and windows policy files. I ran Malware Bytes, which also cleaned several malware. I also ran Superantispyware, which found lots of stuff, but for some reason blocks and never gets to complete the scan. I tried IOBIT malware fighter, which didn't find malware, but several problems in regkeys and also updated my drivers (I uninstalled IOBIt eventually, as it came with lots of other programs). The computer is as slow now though. 

 

Here are the FRST logs. Thanks gor looking into this!

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by Adina (administrator) on ADINA-PC (11-08-2015 12:47:47)
Running from C:\Users\Adina\Desktop
Loaded Profiles: Adina (Available Profiles: Adina)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CrystalIDEA Software) C:\Program Files (x86)\Uninstall Tool\utool.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3286268403-3730969245-115541542-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3286268403-3730969245-115541542-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitsdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3286268403-3730969245-115541542-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-26] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-26] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5B4EFA6D-7621-4D76-8693-0DF6876A99CF}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Adina\AppData\Roaming\Mozilla\Firefox\Profiles\dPkUxnrF.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipediaro.xml [2015-04-05]
FF Extension: Avira Browser Safety - C:\Users\Adina\AppData\Roaming\Mozilla\Firefox\Profiles\dPkUxnrF.default\Extensions\[email protected] [2015-08-08]
FF Extension: Adblock Plus - C:\Users\Adina\AppData\Roaming\Mozilla\Firefox\Profiles\dPkUxnrF.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-17]
CHR Extension: (Google Docs) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-17]
CHR Extension: (Google Drive) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-17]
CHR Extension: (YouTube) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-17]
CHR Extension: (Google Search) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-17]
CHR Extension: (YoWindow Free Weather) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2015-02-20]
CHR Extension: (Google Sheets) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-17]
CHR Extension: (AdBlock) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-04]
CHR Extension: (Google Scholar Button) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-04-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-17]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-02-10]
CHR Extension: (Gmail) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S4 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-25] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-18] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2000-01-01] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-11-19] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-11 12:43 - 2015-08-11 12:47 - 00013732 _____ C:\Users\Adina\Desktop\FRST.txt
2015-08-11 12:41 - 2015-08-11 12:41 - 02171392 _____ (Farbar) C:\Users\Adina\Desktop\FRST64.exe
2015-08-09 13:02 - 2015-08-09 13:01 - 45601967 _____ C:\Users\Adina\Desktop\0 Carte simpozion 2015_08.08.2015.rar
2015-08-09 13:01 - 2015-08-09 13:01 - 45601967 _____ C:\Users\Adina\Downloads\0 Carte simpozion 2015_08.08.2015.rar
2015-08-05 17:58 - 2000-01-01 03:00 - 02804952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-08-05 17:50 - 2015-08-05 17:50 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-08-05 17:48 - 2015-08-05 18:21 - 00000000 ____D C:\ProgramData\ProductData
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Users\Adina\AppData\Roaming\IObit
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\ProgramData\IObit
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Program Files (x86)\IObit
2015-08-05 17:47 - 2015-08-05 17:47 - 00000000 ____D C:\Users\Adina\AppData\Roaming\Apple Computer
2015-08-03 23:32 - 2015-08-05 18:29 - 00008052 _____ C:\Users\Adina\Downloads\hijackthis.log
2015-08-03 23:32 - 2015-08-03 23:33 - 00000000 ____D C:\Users\Adina\Downloads\backups
2015-07-31 12:04 - 2015-08-09 12:35 - 00002402 _____ C:\Windows\PFRO.log
2015-07-31 12:02 - 2015-07-31 12:02 - 00001275 _____ C:\Users\Adina\Desktop\PCloudCleaner.LOG
2015-07-31 11:32 - 2015-07-31 11:32 - 33065176 _____ (Panda Security ) C:\Users\Adina\Downloads\PandaCloudCleaner.exe
2015-07-31 11:32 - 2015-07-31 11:32 - 00001290 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-07-31 11:32 - 2015-07-31 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-07-31 11:31 - 2015-07-31 11:31 - 00039480 _____ C:\Users\Adina\Downloads\qsinstaller.exe
2015-07-31 01:03 - 2015-08-11 11:21 - 00000896 _____ C:\Windows\setupact.log
2015-07-31 01:03 - 2015-07-31 01:03 - 00000000 _____ C:\Windows\setuperr.log
2015-07-29 22:19 - 2015-08-04 22:53 - 00000000 ____D C:\ProgramData\TEMP
2015-07-29 22:19 - 2015-07-29 22:23 - 00000000 ____D C:\Users\Adina\AppData\Roaming\DarkParablesBriarRose_BFG
2015-07-29 22:19 - 2015-07-29 22:19 - 00002598 _____ C:\Users\Adina\Desktop\Dark Parables Curse of Briar Rose Collectors Edition.lnk
2015-07-29 22:18 - 2015-07-29 22:18 - 00000000 ____D C:\Program Files (x86)\Games
2015-07-29 21:39 - 2015-07-29 21:39 - 00020652 _____ C:\Users\Adina\Downloads\[kat.cr]dark.parables.curse.of.briar.rose.ce.new.hog.puzzle.wendy99.torrent
2015-07-29 21:30 - 2015-07-29 23:37 - 00000000 ____D C:\Users\Adina\Documents\My Games
2015-07-29 20:51 - 2015-07-29 20:51 - 00003026 _____ C:\Windows\System32\Tasks\{A56A4BFA-16CD-45C6-87D9-3EA0206EBFAA}
2015-07-29 20:51 - 2015-07-29 20:51 - 00003026 _____ C:\Windows\System32\Tasks\{982E5B6E-A805-43F4-B3B7-C4B030513C09}
2015-07-29 00:11 - 2015-07-29 00:14 - 00000000 ____D C:\Users\Adina\Desktop\concert robbie
2015-07-28 23:57 - 2015-07-29 13:49 - 00000000 ____D C:\Users\Adina\Desktop\diverse
2015-07-28 13:09 - 2015-07-25 21:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 13:09 - 2015-07-25 21:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 13:09 - 2015-07-25 21:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 13:09 - 2015-07-25 21:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 13:09 - 2015-07-25 21:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 13:09 - 2015-07-25 21:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 13:09 - 2015-07-25 21:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 13:09 - 2015-07-25 20:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-25 19:28 - 2015-07-25 19:28 - 00049882 _____ C:\Users\Adina\Downloads\[kat.cr]game.of.thrones.s05.season.5.complete.1080p.hdtv.x264.anoxmous.torrent
2015-07-24 23:07 - 2015-07-24 23:08 - 06609608 _____ (Piriform Ltd) C:\Users\Adina\Downloads\ccsetup508.exe
2015-07-24 15:23 - 2015-07-24 15:52 - 00000000 ___SD C:\Users\Adina\Documents\2. Ruxandra
2015-07-24 15:22 - 2015-07-24 15:22 - 00018432 ___SH C:\Users\Adina\Documents\Thumbs.db
2015-07-23 21:53 - 2015-07-23 21:54 - 00011723 _____ C:\Users\Adina\Downloads\Taylors-Code-2015-Mirrors-MP3-320.torrent
2015-07-21 09:46 - 2015-05-09 21:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-21 06:53 - 2015-07-15 06:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 06:53 - 2015-07-15 06:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 06:53 - 2015-07-15 06:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 06:53 - 2015-07-15 06:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 06:53 - 2015-07-15 05:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 06:53 - 2015-07-15 05:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:53 - 2015-07-15 05:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 06:53 - 2015-07-15 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 06:53 - 2015-07-15 04:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:53 - 2015-07-15 04:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-17 22:08 - 2015-07-17 22:08 - 00000303 _____ C:\Users\Adina\Downloads\Pièce jointe sans titre 00031.htm
2015-07-17 22:02 - 2015-07-17 22:02 - 05786112 _____ C:\Users\Adina\Downloads\La_Vieillesse.pps
2015-07-17 19:46 - 2015-07-17 19:46 - 00680870 _____ C:\Users\Adina\Downloads\Admitere_2009.rar
2015-07-17 19:44 - 2015-07-17 19:44 - 00735080 _____ C:\Users\Adina\Downloads\Admitere_2010.rar
2015-07-17 17:02 - 2015-07-17 17:02 - 00246093 _____ C:\Users\Adina\Downloads\Admitere_2011.rar
2015-07-17 16:59 - 2015-07-17 17:00 - 00237232 _____ C:\Users\Adina\Downloads\Admitere_2012.rar
2015-07-15 19:04 - 2015-07-15 19:04 - 00000000 ____D C:\Users\Adina\AppData\Roaming\Nero
2015-07-15 19:02 - 2015-07-15 19:02 - 00000000 ____D C:\ProgramData\Nero
2015-07-15 14:20 - 2015-07-15 14:20 - 00688408 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2015-07-15 14:20 - 2015-07-15 14:20 - 00158040 _____ (SS) C:\Windows\system32\ssk4mci.exe
2015-07-15 14:20 - 2015-07-15 14:20 - 00022528 _____ () C:\Windows\system32\ssk4mlm.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 04:51 - 2015-07-09 20:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 04:51 - 2015-07-09 20:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 04:51 - 2015-07-09 20:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 04:51 - 2015-07-09 20:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 04:51 - 2015-07-09 20:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 04:51 - 2015-07-09 20:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 04:51 - 2015-07-09 20:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 04:51 - 2015-07-09 20:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 04:51 - 2015-07-03 00:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 04:51 - 2015-07-03 00:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 04:51 - 2015-07-02 23:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 04:51 - 2015-07-02 23:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 04:51 - 2015-07-02 23:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 04:51 - 2015-07-02 23:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 04:51 - 2015-07-02 23:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 04:51 - 2015-07-02 23:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 04:51 - 2015-07-02 23:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 04:51 - 2015-07-02 22:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 04:51 - 2015-07-02 22:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 04:51 - 2015-07-02 21:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 04:51 - 2015-06-27 05:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 04:51 - 2015-06-27 05:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 04:51 - 2015-06-27 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 04:51 - 2015-06-27 04:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 04:51 - 2015-06-25 21:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 04:51 - 2015-06-25 20:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 04:51 - 2015-06-25 11:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 04:51 - 2015-06-20 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 04:51 - 2015-06-20 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 04:51 - 2015-06-20 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 04:51 - 2015-06-20 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 04:51 - 2015-06-20 22:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 04:51 - 2015-06-20 22:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 04:51 - 2015-06-20 22:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 04:51 - 2015-06-20 22:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 04:51 - 2015-06-20 22:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 04:51 - 2015-06-20 22:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 04:51 - 2015-06-20 22:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 04:51 - 2015-06-20 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 04:51 - 2015-06-20 22:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 04:51 - 2015-06-20 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 04:51 - 2015-06-20 21:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 04:51 - 2015-06-20 21:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 04:51 - 2015-06-20 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 04:51 - 2015-06-20 21:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 04:51 - 2015-06-20 21:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 04:51 - 2015-06-19 21:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 04:51 - 2015-06-19 21:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 04:51 - 2015-06-19 21:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 04:51 - 2015-06-19 21:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 04:51 - 2015-06-19 21:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 04:51 - 2015-06-19 21:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 04:51 - 2015-06-19 21:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 04:51 - 2015-06-19 21:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 04:51 - 2015-06-19 21:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 04:51 - 2015-06-19 21:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 04:51 - 2015-06-19 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 04:51 - 2015-06-19 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 04:51 - 2015-06-19 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 04:51 - 2015-06-19 20:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 04:51 - 2015-06-19 20:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 04:51 - 2015-06-19 20:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 04:51 - 2015-06-19 20:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 04:51 - 2015-06-19 20:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 04:51 - 2015-06-19 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 04:51 - 2015-06-17 20:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 04:51 - 2015-06-17 20:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 04:51 - 2015-06-09 21:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 04:51 - 2015-06-09 21:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 04:51 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 04:51 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 04:50 - 2015-07-04 21:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 04:50 - 2015-07-04 20:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 04:50 - 2015-07-01 23:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 04:50 - 2015-07-01 23:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 04:50 - 2015-07-01 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 04:50 - 2015-07-01 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 04:50 - 2015-07-01 23:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 04:50 - 2015-07-01 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 04:50 - 2015-07-01 23:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 04:50 - 2015-07-01 23:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 04:50 - 2015-07-01 23:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 04:50 - 2015-07-01 23:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 04:50 - 2015-07-01 23:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 04:50 - 2015-07-01 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 04:50 - 2015-07-01 23:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 04:50 - 2015-07-01 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 04:50 - 2015-07-01 23:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 04:50 - 2015-07-01 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 04:50 - 2015-07-01 23:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 04:50 - 2015-07-01 23:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 04:50 - 2015-07-01 22:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 04:50 - 2015-07-01 22:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 04:50 - 2015-07-01 22:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 04:50 - 2015-06-20 22:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 04:50 - 2015-06-20 22:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 04:50 - 2015-06-20 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 04:50 - 2015-06-20 21:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 04:50 - 2015-06-16 00:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 04:50 - 2015-06-16 00:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 04:50 - 2015-06-16 00:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 04:50 - 2015-06-16 00:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 04:50 - 2015-06-16 00:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 04:50 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 04:50 - 2015-06-16 00:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 04:50 - 2015-06-16 00:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 04:50 - 2015-06-16 00:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 04:50 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 04:50 - 2015-06-16 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 04:50 - 2015-06-16 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 04:50 - 2015-06-11 20:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 04:50 - 2015-06-11 20:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 04:50 - 2015-06-11 20:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 04:50 - 2015-06-11 20:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 04:50 - 2015-06-11 20:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 04:50 - 2015-06-11 20:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 04:50 - 2015-06-11 16:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 04:50 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 04:50 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 04:50 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 04:50 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 04:50 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 04:50 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 04:50 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 04:50 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-11 12:47 - 2014-09-04 18:03 - 00000000 ____D C:\FRST
2015-08-11 12:45 - 2014-11-18 14:58 - 00000000 ____D C:\Users\Adina\AppData\Roaming\uTorrent
2015-08-11 12:29 - 2014-11-17 22:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-11 12:18 - 2014-11-17 22:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 11:43 - 2009-07-14 07:45 - 00035008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-11 11:43 - 2009-07-14 07:45 - 00035008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-11 11:27 - 2009-07-14 08:13 - 00787798 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-11 11:25 - 2014-11-18 07:18 - 01680455 _____ C:\Windows\WindowsUpdate.log
2015-08-11 11:21 - 2014-11-27 18:41 - 00458104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-11 11:21 - 2014-11-17 22:56 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 11:21 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-11 01:21 - 2014-11-18 00:58 - 00000000 ____D C:\Users\Adina\AppData\Local\Battle.net
2015-08-10 21:18 - 2015-07-09 23:34 - 00000000 ____D C:\Users\Adina\Desktop\documente sustinere
2015-08-09 12:35 - 2014-11-18 14:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-08 15:00 - 2015-07-04 09:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-05 23:52 - 2014-11-18 00:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-05 18:29 - 2014-11-17 21:35 - 00000000 ____D C:\Users\Adina\AppData\Local\VirtualStore
2015-08-05 18:22 - 2014-11-17 21:35 - 00000000 ____D C:\Users\Adina
2015-08-05 18:21 - 2015-04-04 16:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 18:21 - 2014-11-19 15:46 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-08-05 18:21 - 2014-11-18 20:51 - 00000000 ____D C:\Users\Adina\Desktop\Shortcuts
2015-08-05 18:21 - 2014-11-18 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-05 18:21 - 2014-11-18 19:21 - 00000000 ____D C:\Program Files\CCleaner
2015-08-05 18:21 - 2014-11-18 00:58 - 00000000 ____D C:\Users\Adina\AppData\Roaming\Battle.net
2015-08-05 18:21 - 2014-11-17 23:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-05 18:21 - 2014-11-17 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-05 18:21 - 2014-11-17 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 18:21 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2015-08-05 18:20 - 2015-05-09 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-08-05 18:20 - 2014-11-19 00:52 - 00000000 __RHD C:\MSOCache
2015-08-05 18:08 - 2014-11-18 07:15 - 00000000 ____D C:\Windows\Panther
2015-07-31 12:01 - 2015-02-10 13:51 - 00000000 ____D C:\Users\Adina\AppData\Roaming\QuickScan
2015-07-31 01:03 - 2015-05-08 23:16 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-30 23:17 - 2014-12-07 18:23 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-30 22:56 - 2014-12-07 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-30 22:56 - 2014-12-07 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-29 22:51 - 2014-11-18 16:18 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-07-29 00:50 - 2014-11-18 03:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 16:13 - 2015-07-10 16:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-25 18:41 - 2015-05-27 17:32 - 00000000 ____D C:\Users\Adina\AppData\Roaming\Skype
2015-07-25 05:25 - 2014-11-17 23:02 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-25 05:25 - 2014-11-17 23:02 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-24 17:48 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\spool
2015-07-24 15:35 - 2014-11-28 15:25 - 00000000 ____D C:\Program Files (x86)\MathType
2015-07-17 10:33 - 2015-04-04 16:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 08:06 - 2015-06-26 14:02 - 00000000 ____D C:\Users\Adina\Desktop\Dacia
2015-07-16 10:31 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 10:03 - 2009-07-14 08:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-07-16 08:19 - 2015-03-08 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 08:13 - 2014-11-17 22:56 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 08:13 - 2014-11-17 22:56 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 07:25 - 2015-05-06 20:11 - 00000000 ____D C:\Users\Adina\Desktop\MATEMATICA-COMPLET
2015-07-16 07:12 - 2014-12-10 16:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 01:11 - 2014-11-18 13:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 01:05 - 2014-11-17 23:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 22:01 - 2015-05-18 02:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:01 - 2014-11-18 22:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
 
==================== Files in the root of some directories =======
 
2014-12-07 15:49 - 2014-12-07 16:25 - 0007608 _____ () C:\Users\Adina\AppData\Local\Resmon.ResmonCfg
2014-11-19 15:47 - 2014-11-19 15:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Adina\AppData\Local\Temp\avgnt.exe
 
 
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㌮㬸嘠䙄㠠ㄮ⸱㌲⸶㠷※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t萕䈲i耀PDesktop萐䈲e耀3l.dll
C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㐮㬰嘠䙄㠠ㄮ⸱㌲⸹㈹※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t᫸ⷍi耀PDesktop᫥ⷍe耀3l.dll
C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㐮㬰嘠䙄㠠ㄮ⸱㌲⸹㈹※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t秤༏i耀PDesktop秡༏e耀3l.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-03 12:33
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Adina (2015-08-11 12:48:17)
Running from C:\Users\Adina\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Adina (S-1-5-21-3286268403-3730969245-115541542-1000 - Administrator - Enabled) => C:\Users\Adina
Administrator (S-1-5-21-3286268403-3730969245-115541542-500 - Administrator - Disabled)
Guest (S-1-5-21-3286268403-3730969245-115541542-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3286268403-3730969245-115541542-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 11 Corporate Edition (HKLM-x32\...\{F1100000-0010-0000-0000-074957833700}) (Version: 11.0.460 - ABBYY)
ACDSee Pro 6 (HKLM-x32\...\{D40B2C78-30CA-4A8F-A157-C86B491C73AF}) (Version: 6.0.169 - ACD Systems International Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AIMP Packages (HKU\S-1-5-21-3286268403-3730969245-115541542-1000\...\AIMP Packages) (Version:  - ) <==== ATTENTION
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1479, 06.02.2015 - AIMP DevTeam)
AutoCorect 4.1.5 (HKLM-x32\...\AutoCorect stil contemporan_is1) (Version:  - Cosmin Ciupercă & Dan Morlova)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1078 - AB Team, d.o.o.)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP460 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460) (Version:  - )
Catan: Creator's Edition (HKLM-x32\...\Catan: Creator's Edition_is1) (Version: 1.0.0.0 - United Soft Media)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Parables Curse of Briar Rose Collectors Edition 1.00 (HKLM-x32\...\Dark Parables Curse of Briar Rose Collectors Edition 1.00) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\{1C09ED77-DA78-3DC4-8721-E7F2257F1166}) (Version: 66.30.49217 - Google, Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
LavasoftTcpService (x32 Version: 2.3.4.2 - Lavasoft) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Proofing Tools (HKLM-x32\...\{901F0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 ro) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 ro)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.77.00(10/24/2013) - Samsung Electronics Co., Ltd.)
Samsung M262x 282x Series (HKLM-x32\...\Samsung M262x 282x Series) (Version: 1.24 (12/18/2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
Uninstall Tool (HKLM-x32\...\Uninstall Tool_is1) (Version: 2.9.5 - CrystalIdea Software, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3286268403-3730969245-115541542-1000_Classes\CLSID\{A9C3E504-32AB-1470-E638-35D8A871A37C}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
05-08-2015 18:18:44 Restore Operation
05-08-2015 18:26:28 Windows Update
09-08-2015 12:50:52 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0FD4F37A-E625-498D-8464-2DE46AB2CAF1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {27421CEB-F20F-4EB2-A32F-4EAFC2C9345F} - System32\Tasks\{A56A4BFA-16CD-45C6-87D9-3EA0206EBFAA} => H:\Jocuri\Sherlock Holmes - Crimes & Punishments\Binaries\Win32\Sherlock.exe
Task: {5D9BE433-BF8D-4E0F-939A-16B2887688D3} - System32\Tasks\{4C9705F2-9C9B-4058-8E16-3DE8937F28F8} => pcalua.exe -a "E:\7. Kituri\Kituri\Office 2003\Ms Office Proofing Tools 2003 SP3\Office 2003 Proofing Tools SP3\PTKSETUP.EXE" -d "E:\7. Kituri\Kituri\Office 2003\Ms Office Proofing Tools 2003 SP3\Office 2003 Proofing Tools SP3"
Task: {6D4E7620-C685-4DED-A3A2-0AE90BFD38AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {81DD47E2-C2A8-4C5B-A5E3-0A6BA71BF67B} - System32\Tasks\{982E5B6E-A805-43F4-B3B7-C4B030513C09} => H:\Jocuri\Sherlock Holmes - Crimes & Punishments\Binaries\Win32\Sherlock.exe
Task: {8AB68211-26A1-4239-A4FF-5644C13FCE84} - System32\Tasks\{BA3553B1-9AC5-4561-8DFD-B0E2DB18A41F} => pcalua.exe -a "C:\Program Files (x86)\Canon\MP Navigator 3.1\Maint.exe" -c /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator 3.1\uninst.ini
Task: {8EFB835C-480B-4914-845E-5A4624D1330A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {8F418F15-B6DF-4E00-A9AD-C21F6D43589E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {B41CA308-31A0-4F60-A9E8-5B63CBB22B0B} - System32\Tasks\{A3FA0511-C406-4F1F-94C4-9B7D4479716B} => pcalua.exe -a C:\Users\Adina\Downloads\CommunicatorMUI.exe -d C:\Users\Adina\Downloads
Task: {C52E1688-C9C5-4FC3-870F-B7C380F4E89D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-15 14:20 - 2015-07-15 14:20 - 00022528 _____ () C:\Windows\System32\ssk4mlm.dll
2009-09-01 06:31 - 2009-09-01 06:31 - 00022016 _____ () C:\Windows\System32\ssp2ml6.dll
2015-08-06 11:19 - 2015-07-31 09:46 - 01763144 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-06 11:19 - 2015-07-31 09:46 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2014-11-18 00:29 - 2012-05-25 05:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-11-18 00:28 - 2012-05-25 05:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3286268403-3730969245-115541542-1000\...\localhost -> localhost
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3286268403-3730969245-115541542-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{5D94FA77-FA5E-44ED-9657-6D9FDFF1F15D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1B35706C-8785-4FA4-BBA3-D4B6B303474F}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{428D8EDD-40D8-4231-9584-5259FC334970}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B8EFA85C-55B2-4E71-BE9F-62170EB8E43C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F98AAC1A-3DFD-4CC4-BCBD-1840FE279CF2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{014A7BC6-2553-41E7-9338-F83DBCB01EE9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{9F87A617-B9FE-4C1F-842A-EACD2D092947}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C5719F1A-10D0-4CD2-ADD5-353E3246894D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{D948A120-A5F3-4FFD-BC4E-B7F7297216AE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5C6E0D32-E2AF-49A8-98E0-84DFCE98DBC8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2F4E7EA2-D8E8-4009-A0FE-8A6923BB5A51}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{638A1625-B836-41ED-911F-77C00B1398D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{845A4A35-D8E2-45D4-B9E7-596A0A73F146}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F2645E6F-B4C0-4065-9268-58D45090E4DC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F4CB0F5D-9A0A-45A5-A568-F08D0D92108D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{616D50CC-1CD1-441C-B805-6680D59B0676}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{D4862A76-C7F9-46E3-9D48-728F05B3E07C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F049481C-0CB3-4E79-9F36-5AF7E336AAE0}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{8A5D6C12-E259-4629-A5B7-4ABE8086DF2F}] => (Allow) C:\Users\Adina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{329416E9-60BA-4764-8BC3-FADBD4077EDD}] => (Allow) C:\Users\Adina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DCF5F993-B580-4E13-B3D5-1615C0733AD7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6817C6EF-E4CB-4374-8D4D-DFB99300D745}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E75CCAE3-A23C-4492-994E-4428761C5572}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{CA5639EE-0BDF-4CEB-8DA7-76051DC1A27B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{64E781C0-C2D4-4764-ACE5-4BDB8951268A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{07DB7939-D668-4398-ABB1-7AC46ED65227}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B94687AD-4A3A-48C8-9475-AEABE8F10F20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{188CC085-1D9F-41A8-937C-AE572BF2A120}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{86A8ABE8-8DAC-4685-8045-E1E09EF21678}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{7B3175E9-52EE-444A-A639-A62CBFEE9F01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4BB9D4ED-2FDD-4EFC-9FC7-45E689FCFA37}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{85113B0A-793E-45F2-8A74-19C599EC354F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A8BC8AD8-9A87-4399-AAE0-447C183358AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4FFD1EC8-F479-40C4-AA56-0F4AB2CB0F77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2786CF80-AC97-4CE7-8D2B-825D529CF1E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9521593F-3C03-4620-8A8C-3B1875745D88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/11/2015 12:45:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utool.exe, version: 2.9.5.5078, time stamp: 0x4b151fb4
Faulting module name: utool.exe, version: 2.9.5.5078, time stamp: 0x4b151fb4
Exception code: 0xc0000409
Fault offset: 0x0001b237
Faulting process id: 0x414
Faulting application start time: 0xutool.exe0
Faulting application path: utool.exe1
Faulting module path: utool.exe2
Report Id: utool.exe3
 
Error: (08/11/2015 11:30:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/11/2015 11:21:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/10/2015 09:02:17 PM) (Source: Windows Backup) (EventID: 4100) (User: )
Description: Backup did not complete successfully because a shadow copy could not be created. Free up disk space on the drive that you are backing up by deleting unnecessary files and then try again.
 
Error: (08/10/2015 08:52:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/10/2015 08:38:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/09/2015 01:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/09/2015 01:01:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/09/2015 12:36:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/08/2015 10:37:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACDSeeQVPro6.exe, version: 6.0.143.0, time stamp: 0x50598fa4
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x55636317
Exception code: 0xc0000005
Fault offset: 0x00039e33
Faulting process id: 0x250
Faulting application start time: 0xACDSeeQVPro6.exe0
Faulting application path: ACDSeeQVPro6.exe1
Faulting module path: ACDSeeQVPro6.exe2
Report Id: ACDSeeQVPro6.exe3
 
 
System errors:
=============
Error: (08/11/2015 01:22:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/10/2015 09:05:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
 
Error: (08/10/2015 08:51:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:47:19 PM on ‎8/‎10/‎2015 was unexpected.
 
Error: (08/09/2015 12:52:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
 
Error: (08/08/2015 10:49:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\System32\DRIVERS\PSKMAD.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/08/2015 02:59:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:22:28 PM on ‎8/‎8/‎2015 was unexpected.
 
Error: (08/08/2015 09:08:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
 
Error: (08/07/2015 01:11:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
 
Error: (08/06/2015 03:20:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
 
Error: (08/06/2015 01:50:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office:
=========================
Error: (03/15/2015 10:00:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1051 seconds with 960 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 56%
Total physical RAM: 3383.48 MB
Available physical RAM: 1477.44 MB
Total Virtual: 6765.18 MB
Available Virtual: 3921.13 MB
 
==================== Drives ================================
 
Drive c: (Windows7) (Fixed) (Total:97.56 GB) (Free:18.73 GB) NTFS
Drive d: (Filme) (Fixed) (Total:232.88 GB) (Free:113.24 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Media) (Fixed) (Total:368.1 GB) (Free:91.86 GB) NTFS
Drive h: (Seagate) (Fixed) (Total:2794.51 GB) (Free:2059.11 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B3001B9)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E58DABCD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
 
==================== End of log ============================

Edited by Kristina, 11 August 2015 - 04:13 AM.

  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process and so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest you any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 
  • Step #1 Uninstall Programs
    I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Uninstall a program or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
    • AIMP Packages

 
  • Step #2 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CreateRestorePoint:
      CloseProcesses:
      EmptyTemp:
      CHR Extension: (Bitdefender QuickScan) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-02-10]
      CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
      CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.goo...ice/update2/crx
      CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
      2015-08-05 17:50 - 2015-08-05 17:50 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
      2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Users\Adina\AppData\Roaming\IObit
      2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\ProgramData\IObit
      2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Program Files (x86)\IObit
      C:\Users\Adina\AppData\Local\Temp\avgnt.exe
      C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㌮㬸嘠䙄㠠ㄮ⸱㌲⸶㠷※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t萕䈲i耀PDesktop萐䈲e耀3l.dll
      C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㐮㬰嘠䙄㠠ㄮ⸱㌲⸹㈹※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t᫸ⷍi耀PDesktop᫥ⷍe耀3l.dll
      C:\Windows\SysWOW64\⵲䝎灕⽤㔱〮ㄮ⸰㌴‴倨剅㭓圠卋※久※噁⁅⸸⸳〳㐮㬰嘠䙄㠠ㄮ⸱㌲⸹㈹※楗摮睯⁳‷牐景獥楳湯污※敓癲捩⁥慐正ㄠ※湕瑩摥匠慴整㭳㌠慢㕥㑢〴ㄴ㉥っ㔱攳㜷㍣㈲〲㑥改㜳㠴ㄱ㍡㭦〠〰㄰㤴㤹ⴶ噁佈ⵅ〰〰〰㬱唠㭓䈠䥕䑌ㄠ⸵⸰〱㐮㐳※㬰ㄠ※㬱朠潯汧⁥档潲敭※㬱㤠䌲䘱㔶㕆䌸㐷㝃㠷㙅䙆㈰䔸䔰㠷㌳㑆䉁䙃䘵㬹〠)t秤༏i耀PDesktop秡༏e耀3l.dll
      AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
      CMD: bitsadmin /reset /allusers
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Required Log(s):
    • FRST Fix Log
Regards,
Valinorum
  • 0

#3
Kristina

Kristina

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 319 posts

Hi and thank you for taking care of this! I uninstalled AIMP3. Here is the new log:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by Adina (2015-08-13 06:17:54) Run:2
Running from C:\Users\Adina\Desktop
Loaded Profiles: Adina (Available Profiles: Adina)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
CHR Extension: (Bitdefender QuickScan) - C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-02-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
2015-08-05 17:50 - 2015-08-05 17:50 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Users\Adina\AppData\Roaming\IObit
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\ProgramData\IObit
2015-08-05 17:47 - 2015-08-05 18:21 - 00000000 ____D C:\Program Files (x86)\IObit
C:\Users\Adina\AppData\Local\Temp\avgnt.exe
C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll
C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll
C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
CMD: bitsadmin /reset /allusers
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\Adina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
"HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion" => key removed successfully
"HKU\S-1-5-21-3286268403-3730969245-115541542-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully.
C:\Users\Adina\AppData\Roaming\IObit => moved successfully.
C:\ProgramData\IObit => moved successfully.
C:\Program Files (x86)\IObit => moved successfully.
C:\Users\Adina\AppData\Local\Temp\avgnt.exe => moved successfully.
 
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" folder move:
 
Could not move "C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Scheduled to move on reboot.
 
 
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" folder move:
 
Could not move "C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Scheduled to move on reboot.
 
 
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" folder move:
 
Could not move "C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Scheduled to move on reboot.
 
C:\ProgramData\TEMP => ":57B2B96C" ADS removed successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {D30F0386-F5F6-469E-98CA-00680056A1E0}.
Unable to cancel {663D9021-8A55-4107-B76F-DFE773BDFF85}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 1.1 GB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-13 06:21:21)<=
 
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Could not move
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Could not move
"C:\Windows\SysWOW64\??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)t??i?PDesktop??e?3l.dll" => Could not move
 
==== End of Fixlog 06:21:21 ====

Edited by Kristina, 12 August 2015 - 09:25 PM.

  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
  • Step #3 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Check the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
 
  • Required Log(s):
    • ESET Scan Log
Regards,
Valinorum
  • 0

#5
Kristina

Kristina

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 319 posts
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=44be2a9e5d4b874aa1d70f2ffe05bfa1
# end=init
# utc_time=2015-08-13 08:19:57
# local_time=2015-08-13 11:19:57 (+0200, GTB Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25265
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=44be2a9e5d4b874aa1d70f2ffe05bfa1
# end=updated
# utc_time=2015-08-13 08:21:46
# local_time=2015-08-13 11:21:46 (+0200, GTB Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=44be2a9e5d4b874aa1d70f2ffe05bfa1
# engine=25265
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-08-14 01:58:25
# local_time=2015-08-14 04:58:25 (+0200, GTB Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 81497 191147355 0 0
# scanned=724050
# found=7
# cleaned=7
# scan_time=20198
sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\ccsetup504.exe"
sh=81144D6C8B14A323FDB72DEB5550ACB342DAE29F ft=1 fh=e7a3434de026ca88 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\ccsetup505.exe"
sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\ccsetup506.exe"
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\ccsetup507.exe"
sh=AA7AFFCBDAF13C3872F32EACCF3BEFB92FD0FA80 ft=1 fh=02ff89afc7fa57e5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\ccsetup508.exe"
sh=84D768277C467CD43FC3F7B785C5CD7FAFF44130 ft=1 fh=7c03f57dc03b7e3f vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Adina\Downloads\dfsetup219.exe"
sh=9FF42C1E9010423B13227638593A945CEB642F37 ft=1 fh=a5eab053a7baf5f8 vn="a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="H:\Windows.old\Windows\Installer\MSI61B2.tmp"

Edited by Kristina, 13 August 2015 - 09:28 PM.

  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Log looks good. How is your PC?
  • 0

#7
Kristina

Kristina

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 319 posts

Computer is about as slow, it slows down quickly on multitasking.


  • 0

#8
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Perform a Clean Boot and tell me the result.
  • 0

#9
Kristina

Kristina

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 319 posts

The startup is decent, but still the computer slows on multitasking. I'm thinking that the older hardware might also be part of the problem?


  • 0

#10
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts

I'm thinking that the older hardware might also be part of the problem?

I am also inclining to believe so. Try un-installing software you do not use and clean the PC off dusts. Although I see no traces of malware infection, post a fresh FRST scan log for my perusal just to be sure.
  • 0

#11
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP