Hello. My computer is somehow infected by malware, but I think it's clean already. I just have one concern and need an extra opinion. Here are the details:
I reinstalled Internet Explorer 11 from Programs and Features in Control Panel and I also installed Chrome. I tried opening a website I usually open in Firefox that loads advertisements in both IE 11 and Chrome. Then I found out my homepage had been changed. So I ran rkill.exe and scanned my PC using AdwCleaner, TDSSKiller and JRT, and all of them removed unnecessary adware. Then I ran SUPERAntiSpyware and Malwarebytes Anti-Malware, and both found tracking cookies and the 2 homepage malware which redirect Chrome and IE 11. I deleted them and then ran Avast antivirus in boot-scan mode, and it found a virus in hiberfil.sys named MBR:Alureon-O[Rtk]. I tried deleting it, but it wouldn't delete, nor would it move to the chest. So I turned off hibernation using an elevated command prompt. Then I rescanned using Avast in boot-scan mode and it found no virus. Then I re-enabled hibernation and rescanned again using Avast in boot-scan mode, and it found a virus in hiberfil.sys named Win32:Rimecud[Trj]. This time the virus name for hiberfil.sys is different, which makes me think it's a false positive. I rescanned using Malwarebytes Anti-Malware and it didn't find any more malware. The browsers' homepages returned to normal as well. I hope to hear an expert opinion on whether this is a false positive or not. This is the FRST log, as recommended.
=============================================================
FRST Log
=============================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-12-2015
Ran by JV (administrator) on CK12 (10-12-2015 21:45:21)
Running from C:\Users\JV\Desktop
Loaded Profiles: JV (Available Profiles: JV & Guest)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Chicony Electronics Co., Ltd.) C:\Program Files\ChiconyCam\CECPLFKT.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\HexChat\hexchat.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Microsoft Corporation) C:\Users\JV\Downloads\Windows-KB890830-V5.31.exe
(Microsoft Corporation) C:\2c1271da504185d8ffca0a6422\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-25] (Avast Software s.r.o.)
HKLM\...\Run: [NSU_agent] => C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [DownloadAccelerator] => "C:\Program Files\DAP\DAP.EXE" /STARTUP
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [634504 2015-06-24] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [] => [X]
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [Viber] => C:\Users\JV\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6819232 2015-12-02] (SUPERAntiSpyware)
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {00cd985d-f759-11e2-80af-0090f5b2a4a6} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {10e6f10b-7424-11e1-a247-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {10e6f11a-7424-11e1-a247-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {1ffbed76-b1e7-11e2-bc07-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {1ffc0235-b1e7-11e2-bc07-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {464226f4-ae93-11e2-a798-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {60434a31-ccbd-11e2-9fc8-0090f5a76241} - G:\Autorun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {60b7afb9-b277-11e2-a4da-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {7b9e0f0b-91ac-11e4-8761-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {89d0ae4a-c116-11e2-bf24-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {89d0ae52-c116-11e2-bf24-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {9d0a7d8b-1c81-11e3-98bc-0090f5b2a4a6} - E:\Autorun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {9d65efa6-b1eb-11e2-bc07-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {9d65f2ef-b1eb-11e2-bc07-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {b7c4efcf-ce4e-11e2-96db-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {e12d7514-c2f6-11e2-b7a9-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {e2de45f5-b1fc-11e2-bc07-0090f5a76241} - F:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {ec3f2e0f-ae99-11e2-a798-0090f5a76241} - F:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {ec3f4192-ae99-11e2-a798-0090f5a76241} - E:\AutoRun.exe
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\MountPoints2: {f964ff73-94b3-11e4-af50-0090f5b2a4a6} - E:\AutoRun.exe
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-25] (Avast Software s.r.o.)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2012-04-16]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.1 192.168.254.1
Tcpip\..\Interfaces\{28EFEA0C-3E6B-41E8-B421-601655388E88}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7EF0F4CC-F911-4151-AE99-50219EDC6958}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{8212067E-CD09-4F98-828D-E0754EEFE98C}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{854BA6D0-002D-48F3-9B17-6F9C1513CFB0}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{8606FECD-9B49-4F07-AB16-5DBB18B7F58C}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{C12ACE4E-8A69-4007-A822-BB23D8D20B47}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C12ACE4E-8A69-4007-A822-BB23D8D20B47}: [DhcpNameServer] 192.168.254.1 192.168.254.1
Internet Explorer:
==================
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-4288802170-422726538-3330711173-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-25] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Encarta Web Companion Helper Object -> {955BE0B8-BC85-4CAF-856E-8E0D8B610560} -> C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-10] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-13] (Oracle Corporation)
Toolbar: HKLM - Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-10] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4288802170-422726538-3330711173-1000 -> Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-10] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-13] (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4288802170-422726538-3330711173-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\JV\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\i585k2w0.default\searchplugins\google-avast.xml [2014-12-18]
FF SearchPlugin: C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\searchplugins\google-avast.xml [2014-12-18]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\extensions\[email protected] [2015-12-08]
FF Extension: anonymoX - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\i585k2w0.default\Extensions\[email protected] [2014-12-04] [not signed]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\i585k2w0.default\Extensions\[email protected] [2014-12-04] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\Extensions\[email protected] [2013-06-26] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\Extensions\[email protected] [2013-07-01] [not signed]
FF Extension: HTTPS-Everywhere - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\Extensions\[email protected] [2013-07-01] [not signed]
FF Extension: Adblock Plus - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-26] [not signed]
FF Extension: BetterPrivacy - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\fi3vzewu.default-1372242972952\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-06-26] [not signed]
FF Extension: anonymoX - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\sr7klcl4.Default User\Extensions\[email protected] [2014-12-20] [not signed]
FF Extension: DownloadHelper - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\sr7klcl4.Default User\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-22] [not signed]
FF Extension: DownloadHelper - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\1isjgkdr.Jb\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-06] [not signed]
FF Extension: DownloadHelper - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\kdehjshi.Anon\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-23] [not signed]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\vg813slu.eliceyoung\Extensions\[email protected] [2015-02-13] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\vg813slu.eliceyoung\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-02-13] [not signed]
FF Extension: DownloadHelper - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\vg813slu.eliceyoung\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-02-01] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\vg813slu.eliceyoung\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-02-13] [not signed]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\t3pdit8x.QueLocura\Extensions\[email protected] [2015-03-09] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\t3pdit8x.QueLocura\Extensions\[email protected] [2015-03-12] [not signed]
FF Extension: Stealthy - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\t3pdit8x.QueLocura\Extensions\[email protected] [2015-02-23] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\[email protected] [2015-07-16] [not signed]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\[email protected] [2015-10-02] [not signed]
FF Extension: FoxyProxy Standard - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\[email protected] [2015-09-23]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\[email protected] [2015-10-18] [not signed]
FF Extension: Video DownloadHelper - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-31]
FF Extension: Adblock Plus - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\nrsqjtlc.SosMiVida\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\r0awm7rs.Default User\Extensions\[email protected] [2015-12-01]
FF Extension: No Name - C:\Users\JV\AppData\Roaming\Mozilla\Firefox\Profiles\r0awm7rs.Default User\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-01] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-25] [not signed]
FF HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox => not found
Chrome:
=======
CHR Profile: C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-03]
CHR Extension: (Google Docs) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-03]
CHR Extension: (Google Drive) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-03]
CHR Extension: (Google Search) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Google Sheets) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-03]
CHR Extension: (Avast Online Security) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-03]
CHR Extension: (Video DownloadHelper) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2015-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-03]
CHR Extension: (Gmail) - C:\Users\JV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-03]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-13]
=============================================================
Addition.txt
=============================================================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-12-2015
Ran by JV (2015-12-10 21:38:09)
Running from C:\Users\JV\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-03-20 15:50:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4288802170-422726538-3330711173-500 - Administrator - Disabled)
Guest (S-1-5-21-4288802170-422726538-3330711173-501 - Limited - Enabled) => C:\Users\Guest
JV (S-1-5-21-4288802170-422726538-3330711173-1000 - Administrator - Enabled) => C:\Users\JV
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Any Video Converter Ultimate 4.6.1 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Assessment and Deployment Kit (HKLM\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
BisonCam (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.96.2728.07.1 - BisonCam)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
calibre (HKLM\...\{98B88424-054D-4866-8EC1-513616801BAE}) (Version: 1.1.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
ChiconyCam (HKLM\...\{A2201542-DA80-457F-8BD9-6C9C90196481}) (Version: 1.0.28.111 - Chicony Electronics Co.,Ltd.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1705 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Deluge 1.3.6 (HKLM\...\Deluge) (Version: - )
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10060 (Build 2599) - Speedbit Ltd.)
Dream Chronicles The Chosen Child Powerd by Lay-by.org (HKLM\...\Dream Chronicles The Chosen Child Powerd by Lay-by.org) (Version: - )
DVD X Player Professional V3.0 (HKLM\...\DVD X Player Professional 3.0_is1) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flasher version 3.12.1 (HKLM\...\NokiaFlasher_is1) (Version: 3.12.1 - Nokia)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Fraps (HKLM\...\Fraps) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - )
Globe Tattoo Broadband (HKLM\...\Globe Tattoo Broadband) (Version: 23.009.09.01.158 - Huawei Technologies Co.,Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
GTK2-Runtime (HKLM\...\GTK2-Runtime) (Version: 2.16.6-2010-05-12-ash - Alexander Shaduri)
HandBrake 0.10.2 (HKLM\...\HandBrake) (Version: 0.10.2 - )
HeRO Mini version 1.1 (HKLM\...\{3942218E-B7AA-4D8E-BC3B-0573FF8A36BD}_is1) (Version: 1.1 - HeRO Server.net)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inSSIDer 3 (HKLM\...\{CDF246AE-C6E3-438F-AA76-21700DCC15F6}) (Version: 3.0.6.42 - MetaGeek, LLC)
Intel Driver Update Utility (HKLM\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.14.11 - JMicron Technology Corp.)
Kits Configuration Installer (Version: 8.59.25584 - Microsoft) Hidden
LightScribe 1.4.124.1 (Version: 1.4.124.1 - hxxp://www.lightscribe.com) Hidden
LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
LiveUSB Creator (remove only) (HKLM\...\LiveUSB Creator) (Version: - )
Magic ISO Maker v5.4 (build 0256) (HKLM\...\Magic ISO Maker v5.4 (build 0256)) (Version: - )
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
MediaInfo 0.7.72 (HKLM\...\MediaInfo) (Version: 0.7.72 - MediaArea.net)
Metric Collection SDK (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Student with Encarta Premium 2007 (HKLM\...\{07041881-E9B4-4DF6-A845-CAAFD093E477}) (Version: 2007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 6.35 - mIRC Co. Ltd.)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.22.00.158 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{874AF83E-1BF6-4F2B-9086-BF62BDAE1033}) (Version: 7.02.5608 - Nero AG)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
NirSoft VideoCacheView (HKLM\...\NirSoft VideoCacheView) (Version: - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Software Updater (HKLM\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
Opera Stable 34.0.2036.25 (HKLM\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{3ACD85F2-BD6D-44FE-8CAE-5C1C3757ED7E}) (Version: 4.3.20 - Oracle Corporation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version: - )
Photomatix Pro version 4.2.7 (HKLM\...\PhotomatixPro42x32_is1) (Version: 4.2.7 - HDRsoft Ltd)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Python 2.6 python-libtorrent-0.15.0 (HKLM\...\{80288C53-0091-47AE-8361-69E0170A72EE}) (Version: 0.15.0 - Arvid Norberg)
Python python-libtorrent-0.16.10 (HKLM\...\{2107E270-83E8-4E3E-A1C8-B78B308F663E}) (Version: 0.16.10 - Arvid Norberg)
REACHit (HKLM\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.000.12 - Lenovo)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Return To Krondor (HKLM\...\Return To Krondor_is1) (Version: - GOG.com)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.20 (32-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC)
SMART BRO (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Subtitle Edit 3.4.6 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.6.544 - Nikse)
Sun Broadband Hotspot (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
Tattoo (HKLM\...\Tattoo) (Version: 1.09.00.158 - Huawei Technologies Co.,Ltd)
Toolkit Documentation (Version: 8.59.25584 - Microsoft) Hidden
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Viber (HKU\S-1-5-21-4288802170-422726538-3330711173-1000\...\{7de2db6a-6f4b-4b45-82b9-57d5d7f1c952}) (Version: 5.4.0.1664 - Viber Media Inc.)
Viber (Version: 5.4.0.1664 - Viber Media Inc.) Hidden
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows PE x86 x64 (HKLM\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4288802170-422726538-3330711173-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4288802170-422726538-3330711173-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\JV\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4288802170-422726538-3330711173-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\JV\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4288802170-422726538-3330711173-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\JV\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0096714F-B602-4AD7-866E-5457F88D4CA6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {1672768E-1743-4BA5-8B87-512BCBB1B07A} - System32\Tasks\{78EA0D6E-12C0-4911-9420-FB8E517A7C89} => pcalua.exe -a D:\AutoRun\AutoRun.exe -d D:\
Task: {17992D0E-1DF1-4B53-8A22-34E3CDBF3D81} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files\Lenovo\REACHit\webAgent.exe [2015-11-11] (Lenovo)
Task: {2447BC18-2FB0-42B2-93F4-09B0F741DCE8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {27F9D2F5-2911-410E-8E79-CE6FFC2B680D} - System32\Tasks\{699142F1-5243-4597-860D-708E97526D1E} => pcalua.exe -a "C:\Program Files\OPPLUS-EN.EXE" -d "C:\Program Files"
Task: {331C804C-5DBB-4873-92D9-D2E3C08EC34A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {34CEA2E9-2383-4DD4-B7C3-7F6F605CB6F4} - System32\Tasks\{B68CBDB6-A3B1-4451-A16E-53A4EF4A81BD} => pcalua.exe -a D:\OPPLUS-EN.EXE -d D:\
Task: {3DA333AB-2F7F-485E-BEF9-76AEB2BC132E} - System32\Tasks\avastBCLRestartS-1-5-21-4288802170-422726538-3330711173-1000 => Firefox.exe
Task: {4051B077-028F-4655-B899-127C8229EE71} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4288802170-422726538-3330711173-1000UA => C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-16] (Facebook Inc.)
Task: {4369C65D-F332-4D2F-B1C7-D801184A0944} - System32\Tasks\Opera scheduled Autoupdate 1449128365 => C:\Program Files\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {4C382A07-3DAE-4E53-8D04-FF30CF304E96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)
Task: {6D61D7F4-E44D-494D-A327-F10E5EC656D7} - System32\Tasks\{64FC0251-32FB-4DA2-A1C7-DB6FF64A4E11} => pcalua.exe -a C:\VC6\vcredist.exe -d C:\VC6
Task: {70CF628C-823C-450F-B297-BA56EB943734} - System32\Tasks\{8E2CEFE5-46B0-4F06-8C7F-7F6CFB3FB2AA} => pcalua.exe -a C:\Users\JV\AppData\Local\Temp\7zSDFD3.tmp\MicroInstallerNative.exe -d C:\Users\JV\AppData\Local\Temp\7zSDFD3.tmp
Task: {826612A8-F6B6-47EF-AD54-16267E0E5890} - System32\Tasks\{5112848E-7B32-4B3C-887A-8E02E26670CA} => C:\Program Files\GOGcom\Return To Krondor\RtK.exe
Task: {8BDA7A56-F49B-432A-93F0-93D1817157CB} - System32\Tasks\{2FCAB470-B028-4B49-920A-9FCD5A29DB0E} => pcalua.exe -a "C:\Program Files\LiveUSB Creator\liveusb-creator.exe" -d "C:\Program Files\LiveUSB Creator"
Task: {9409D851-87BD-47A4-92C3-AEDE2D321651} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files\Lenovo\REACHit\webAgent.exe [2015-11-11] (Lenovo)
Task: {A6E77EF8-173D-49C8-AC5C-7D8918E4D464} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-25] (Avast Software s.r.o.)
Task: {B1CBA65F-A114-4476-956C-CF32DF2F88C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {B6C00253-9870-41B5-95C0-EC7E69E39C4F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4288802170-422726538-3330711173-1000Core => C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-16] (Facebook Inc.)
Task: {BB129500-C3C5-4858-9BBD-912B0D4272AA} - System32\Tasks\{456F7CAA-B186-4CB8-BD00-53B4276683B2} => pcalua.exe -a E:\OPPLUS-EN.EXE -d E:\
Task: {CE7E42AF-99F0-4B05-B438-0B8BDACFD611} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {D2B68DB8-13E8-418C-9AE3-D82B6FBEF962} - System32\Tasks\{F6254570-9A46-49BB-B9CC-D0C432639E28} => pcalua.exe -a C:\Users\Keith\Downloads\pecsetup.exe -d C:\Users\Keith\Downloads
Task: {FA4FAB6E-73EC-4925-B0D2-FA37CDE9C5CE} - System32\Tasks\{263E2554-5CE8-4457-9F68-4BD17F9A5154} => pcalua.exe -a C:\Users\JV\Downloads\pecsetup.exe -d C:\Users\JV\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4288802170-422726538-3330711173-1000Core.job => C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4288802170-422726538-3330711173-1000UA.job => C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\Sun Broadband.lnk -> C:\Program Files\Hotspot\Sun Broadband\LaunchWebUI.exe () -> hxxp://ufi.home <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-06-25 02:18 - 2015-06-25 02:18 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-25 02:17 - 2015-06-25 02:17 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-09 15:45 - 2015-12-09 15:45 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120804\algo.dll
2015-12-10 21:29 - 2015-12-10 21:29 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121000\algo.dll
2013-05-12 09:34 - 2010-07-29 18:19 - 00234496 _____ () C:\Program Files\Total Video Converter\TVCShellExt.dll
2013-05-10 18:22 - 2011-04-19 16:29 - 00132608 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2015-03-13 02:11 - 2015-03-13 02:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-12 19:33 - 2014-11-25 19:09 - 00596480 _____ () C:\Program Files\HexChat\hexchat.exe
2014-12-12 19:33 - 2014-11-22 19:44 - 00021504 _____ () C:\Program Files\HexChat\iconv.dll
2014-12-12 19:33 - 2014-11-22 19:46 - 01164288 _____ () C:\Program Files\HexChat\cairo.dll
2014-12-12 19:33 - 2014-11-22 19:44 - 00562688 _____ () C:\Program Files\HexChat\fontconfig.dll
2014-12-12 19:33 - 2014-11-22 19:44 - 01103360 _____ () C:\Program Files\HexChat\libxml2.dll
2014-12-12 19:33 - 2014-11-22 19:44 - 00590336 _____ () C:\Program Files\HexChat\pixman-1.dll
2014-12-12 19:33 - 2014-11-22 19:44 - 00167936 _____ () C:\Program Files\HexChat\libpng16.dll
2014-12-12 19:33 - 2014-11-22 19:44 - 00068096 _____ () C:\Program Files\HexChat\zlib1.dll
2014-12-12 19:33 - 2014-11-22 19:46 - 00638976 _____ () C:\Program Files\HexChat\harfbuzz.dll
2014-12-12 19:33 - 2014-11-22 19:47 - 00045568 _____ () C:\Program Files\HexChat\lib\gtk-2.0\i686-pc-vs10\engines\libwimp.dll
2014-12-12 19:33 - 2014-11-22 19:46 - 00250368 _____ () C:\Program Files\HexChat\lib\enchant\libenchant_myspell.dll
2014-12-12 19:33 - 2014-11-25 19:09 - 00010752 _____ () C:\Program Files\HexChat\plugins\hcupd.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\Users\Guest\Documents\Shakespeare in Love.avi:TOC.WMV
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35683292.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\62276656.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35683292.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\62276656.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4288802170-422726538-3330711173-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JV\Pictures\slide_329660_3226554_free_tonemapped.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AffinegyService => 2
MSCONFIG\Services: Belkin Local Backup Service => 2
MSCONFIG\Services: Belkin Network USB Helper => 2
MSCONFIG\Services: BrowserProtect => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: Globe Tattoo Broadband. RunOuc => 2
MSCONFIG\Services: HWDeviceService.exe => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: UI Assistant Service => 2
MSCONFIG\Services: WDDMService => 2
MSCONFIG\Services: WDSmartWareBackgroundService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\Windows\pss\WDSmartWare.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^JV^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CheckNDISPort_df => C:\Program Files\Hotspot\Sun Broadband\CheckNDISPort_df.exe
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: DAP10 => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: Facebook Update => "C:\Users\JV\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstaLAN => "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\Tattoo\Tattoo
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: tuto4pc_ph_3 => "C:\Program Files\tuto4pc_ph_3\tuto4pc_ph_3.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files\SMART BRO\UIExec.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A2C36785-4F54-430B-BDDF-CBF63566DA3C}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CAF92A68-02DA-4E00-809F-A2662276ADDF}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{31BA0E7A-5B8D-4289-8137-A3EDFEBC6B40}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{29C380EB-17DD-4034-A5B4-325731006514}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{011F72B6-0945-4973-9425-2EFEA39C43B2}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{BC866431-7F66-4FDF-A97F-271C79854F7F}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C6CB9D5E-04B8-4F99-8D56-88B0542AEFF2}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E99D52E9-D138-4BFD-867F-552449C96D65}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{5FE2EA27-171E-4359-8370-18C6B717702F}] => (Allow) LPort=19540
FirewallRules: [TCP Query User{7F7AEBE5-C2D1-46E7-83E7-36113D00F5F9}C:\program files\droidpad\droidpad.exe] => (Allow) C:\program files\droidpad\droidpad.exe
FirewallRules: [UDP Query User{F06F025B-CF6B-42BF-A320-23315C1CA38B}C:\program files\droidpad\droidpad.exe] => (Allow) C:\program files\droidpad\droidpad.exe
FirewallRules: [{4F031E1A-BD1B-4535-A6D0-71D370E1D2D5}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B5DC6213-91F2-4A08-8B78-B964A7AE76E2}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD9.EXE
FirewallRules: [TCP Query User{9076DD80-6C0B-4D01-8C70-3B6072051136}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [UDP Query User{8D950510-1053-4C9C-AA2B-D9F7E9C17CF1}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe
FirewallRules: [{87599544-6C53-463B-BB6F-1B5EE54E3E54}] => (Block) C:\program files\deluge\deluge.exe
FirewallRules: [{E062327D-6D42-4894-A80A-E4A4C4A2B4F8}] => (Block) C:\program files\deluge\deluge.exe
FirewallRules: [TCP Query User{659502A6-3819-437D-917F-289F5111BCF6}C:\program files\deluge\deluged.exe] => (Block) C:\program files\deluge\deluged.exe
FirewallRules: [UDP Query User{21F2547D-3EB4-4736-BA19-22F323B079D8}C:\program files\deluge\deluged.exe] => (Block) C:\program files\deluge\deluged.exe
FirewallRules: [TCP Query User{3219103D-15D3-4CF7-862D-8E8C1CB8F0E7}C:\program files\kainy\kainy.exe] => (Allow) C:\program files\kainy\kainy.exe
FirewallRules: [UDP Query User{103CF424-48DC-4461-BF28-A8DF797F4B92}C:\program files\kainy\kainy.exe] => (Allow) C:\program files\kainy\kainy.exe
FirewallRules: [TCP Query User{658D15EB-D259-43CA-A113-A4DC3F6F0BA7}C:\program files\deluge\deluged.exe] => (Allow) C:\program files\deluge\deluged.exe
FirewallRules: [UDP Query User{77A26D6E-914D-4493-B4A8-2B8C162B07F4}C:\program files\deluge\deluged.exe] => (Allow) C:\program files\deluge\deluged.exe
FirewallRules: [{76B0A695-A0BD-49CE-8713-5AAD542D75EC}] => (Allow) C:\Users\JV\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{C22E62F9-1F4A-4847-AC0C-4BA26A11E097}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{4FDE137F-5F6F-4107-84BD-0825C3F71041}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{0EECF8F6-51CB-4863-A807-73D01463A443}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{635CD570-3F5E-4CBF-A2A5-A6746ED0AB03}C:\program files\hexchat\hexchat.exe] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{0FEDDF23-A695-4563-ACD8-114DF8F86F66}C:\program files\hexchat\hexchat.exe] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [{A4234EA0-BB55-4983-B347-A22790F3EE33}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{75DBDAAF-9611-436D-8074-91155187986C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{83AF9D3A-B877-4CFF-A5A7-31FCE4DDC555}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4AED7E9B-3511-4A4C-855C-B6868C6DD47A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{0EB6006D-B60B-412D-8607-327799F911F7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5514A9C7-E3E9-47C1-A175-CC96B85D74D3}] => (Allow) LPort=2869
FirewallRules: [{AEA5AB46-EE43-4870-BED3-7D4522C4AA03}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{A9F1B304-DBD5-4376-BB90-011D6A99D138}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [UDP Query User{D3506515-E732-4538-98C6-C57ED825241D}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [TCP Query User{EC637348-1613-44A8-B018-76D3EE95A64A}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{37831E6E-6C17-4BF8-9137-16554ED1A1EE}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{D131907C-4736-4DE3-988D-104E1D2BFEFD}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{DC609E6C-D67E-4BAF-AEBE-94AF361548C7}] => (Allow) C:\Program Files\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{5F50D24D-A95A-4F57-956E-EE7984F8453B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BA224110-0759-462F-AF11-6CE72E45DAE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5C31B598-2EB4-465B-9884-B9ADBF6EEB6F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: DroidPad Joystick
Description: DroidPad Joystick
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Digitalsquid
Service: droidpad
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: TSSTcorp CDDVDW TS-L633C ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/10/2015 12:32:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (12/10/2015 06:24:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/10/2015 05:13:41 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/10/2015 05:12:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2015 10:41:31 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/09/2015 10:36:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2015 07:42:06 PM) (Source: Google Update) (EventID: 20) (User: CK12)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (12/09/2015 03:08:38 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/09/2015 03:06:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2015 01:42:05 PM) (Source: Google Update) (EventID: 20) (User: CK12)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
System errors:
=============
Error: (12/10/2015 03:34:31 PM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (12/10/2015 05:20:46 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (12/10/2015 05:13:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064
Error: (12/09/2015 10:42:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147467243
Error: (12/09/2015 10:41:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064
Error: (12/09/2015 10:36:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The BlueStacks Android Service service hung on starting.
Error: (12/09/2015 10:34:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:48:17 PM on 12/9/2015 was unexpected.
Error: (12/09/2015 03:14:16 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (12/09/2015 03:08:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064
Error: (12/09/2015 03:06:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The BlueStacks Android Service service hung on starting.
CodeIntegrity:
===================================
Date: 2015-11-20 23:58:33.544
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-a..cation-creduibroker_31bf3856ad364e35_6.2.8250.0_none_52d3f248b304423d\CredentialUIBroker.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:33.509
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-a..cation-creduibroker_31bf3856ad364e35_6.2.8250.0_none_52d3f248b304423d\CredentialUIBroker.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:33.474
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-a..cation-creduibroker_31bf3856ad364e35_6.2.8250.0_none_52d3f248b304423d\CredentialUIBroker.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:33.429
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-a..cation-creduibroker_31bf3856ad364e35_6.2.8250.0_none_52d3f248b304423d\CredentialUIBroker.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:24.623
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_6.2.8250.0_none_36ffad4a914b0e0b\TM.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:24.560
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_6.2.8250.0_none_36ffad4a914b0e0b\TM.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:24.482
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_6.2.8250.0_none_36ffad4a914b0e0b\TM.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:24.404
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_6.2.8250.0_none_36ffad4a914b0e0b\TM.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:21.284
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-appid_31bf3856ad364e35_6.2.8250.0_none_df64e2b657f308cb\appidapi.dll because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-11-20 23:58:21.269
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume21\Windows\WinSxS\x86_microsoft-windows-appid_31bf3856ad364e35_6.2.8250.0_none_df64e2b657f308cb\appidapi.dll because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 68%
Total physical RAM: 1908.54 MB
Available physical RAM: 601.61 MB
Total Virtual: 3639.24 MB
Available Virtual: 2007.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:341.7 GB) (Free:2.17 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:29.3 GB) (Free:0.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 36AC6F0D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=341.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=124 GB) - (Type=05)
==================== End of Addition.txt ============================