Hello, this is my first post on this forum, hope I can get some help.
I have AVG antivirus and I get everyday messages about trojan infections ( Trojan Sathurbot, VBCrypt, Trojan Agent, Cryptor etc. ) even if I remove them they keep coming back.
I tried Malwarebytes , seach and destroy , spyhunter but the same result they always keep coming back.
I get a message ( not in the web browser ) to update flash player everyday that seems very strange so i believe it is related with a trojan infection.
Sometimes I also get redirected from Google Chrome to a site called anygator but this seems random.
So if somebody has a solution for me please do not hesitate to reply to my message.
Thank you
Here are the logs :
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by SoundBlaster2 (administrator) on SOUNDBLASTER on 25-03-2015 12:03:39
Running from C:\Users\SoundBlaster2\Downloads
Loaded Profiles: UpdatusUser & SoundBlaster2 (Available profiles: UpdatusUser & SoundBlaster2)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13545032 2013-05-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe [901632 2015-01-08] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3588957260-3221095627-2875930436-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14634656 2014-06-19] (Gadwin Systems)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Run: [IVONA Reader] => "D:\Software\IVONA Reader\IVONA Reader.exe.exe" -t -nosplash
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-05-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://cool-tvlive.net/terra
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3588957260-3221095627-2875930436-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-3588957260-3221095627-2875930436-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://cool-tvlive.net/terra
SearchScopes: HKU\.DEFAULT -> DefaultScope {9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391} URL =
SearchScopes: HKU\S-1-5-21-3588957260-3221095627-2875930436-1001 -> DefaultScope {9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391} URL =
SearchScopes: HKU\S-1-5-21-3588957260-3221095627-2875930436-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={EC1DEE57-49A1-4013-8C07-8D2097AAFB90}&mid=ecd09b446a1e47d29d2ba5996d86af1d-3489b77b67d54795791cea9fb24f933cec046f4f&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-09-14 23:30:21&v=18.3.0.879&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWow64\cgmopenbho.dll [2005-06-09] (CGM Open Consortium, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-02] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-02] (Oracle Corporation)
BHO-x32: EZ YouTube Video Downloader 1.0 -> {FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} -> C:\Program Files (x86)\EZ YouTube Video Downloader\yvd.dll [2014-01-31] (XtensionPlus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.3.0.879\AVG SafeGuard toolbar_toolbar.dll [2015-02-25] (AVG Secure Search)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.879\AVG SafeGuard toolbar_toolbar.dll No File
Toolbar: HKU\S-1-5-21-3588957260-3221095627-2875930436-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-02-25] (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18BBE6FA-4809-4EF6-B2C2-3DA47FA3A60E}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4632F52F-B99D-4846-8141-9E099FE4F4E6}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{9966B9C6-BFB2-4E9E-ADC4-9DBD861E9FCC}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A06625E7-54A1-480E-BE55-F13D58A77E63}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{DB92D200-F11F-4D6D-B505-BD72CABB609F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll [2015-01-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3588957260-3221095627-2875930436-1002: @citrixonline.com/appdetectorplugin -> C:\Users\SoundBlaster2\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-24] (Citrix Online)
FF Plugin HKU\S-1-5-21-3588957260-3221095627-2875930436-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\SoundBlaster2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{8167E8F2-A770-4EFB-BA53-8A511051CD9B}] - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}
FF Extension: EZ YouTube Video Downloader - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B} [2014-07-06]
FF HKLM-x32\...\Firefox\Extensions: [{8167E8F2-A770-4EFB-BA53-8A511051CD9B}] - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-26]
CHR Extension: (Google Docs) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-07]
CHR Extension: (Google Drive) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-07]
CHR Extension: (YouTube) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-07]
CHR Extension: (Adblock Plus) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-02]
CHR Extension: (Google Search) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-07]
CHR Extension: (Google Sheets) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Gmail) - C:\Users\SoundBlaster2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-07]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2008-07-18] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [231752 2012-09-25] (NETGEAR)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2008-07-18] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-02-25] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [270816 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [289248 2015-01-23] (AVG Technologies CZ, s.r.o.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NPF; C:\Windows\system32\drivers\npf.sys [35344 2014-06-01] (CACE Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-25 12:03 - 2015-03-25 12:03 - 00030214 _____ () C:\Users\SoundBlaster2\Downloads\FRST.txt
2015-03-25 12:03 - 2015-03-25 12:03 - 00000000 ____D () C:\FRST
2015-03-25 10:43 - 2015-03-25 10:43 - 02095616 _____ (Farbar) C:\Users\SoundBlaster2\Downloads\FRST64.exe
2015-03-25 10:42 - 2015-03-25 10:42 - 00688992 _____ (Swearware) C:\Users\SoundBlaster2\Downloads\dds.scr
2015-03-25 08:46 - 2015-03-25 08:46 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\SoundBlaster2\Downloads\SpyHunter-Installer.exe
2015-03-24 17:13 - 2015-03-24 17:13 - 00080384 _____ () C:\Users\SoundBlaster2\Downloads\10563.xls
2015-03-24 15:55 - 2015-03-24 15:59 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\BSplayer PRO
2015-03-24 15:55 - 2015-03-24 15:55 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2015-03-24 15:55 - 2015-03-24 15:55 - 00001165 _____ () C:\Users\Public\Desktop\BS.Player PRO.lnk
2015-03-24 15:55 - 2015-03-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh
2015-03-24 15:55 - 2015-03-24 15:55 - 00000000 ____D () C:\Program Files (x86)\Webteh
2015-03-24 15:54 - 2015-03-24 15:54 - 00057448 _____ () C:\Users\SoundBlaster2\Downloads\Retro.Games.Pack-FL.torrent
2015-03-24 15:52 - 2015-03-24 15:52 - 00026169 _____ () C:\Users\SoundBlaster2\Downloads\BS Player Pro 2.67.1076 - CORE.torrent
2015-03-23 14:39 - 2015-03-23 14:39 - 01457152 _____ () C:\Users\SoundBlaster2\Downloads\La PRO et le gros PÉNIS.pps
2015-03-23 11:35 - 2015-03-23 11:35 - 00016454 _____ () C:\Users\SoundBlaster2\Downloads\EBC909927DF141BBB334FE4ED798C9273BC673C5.torrent
2015-03-23 08:26 - 2015-03-25 08:31 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\usas
2015-03-19 14:16 - 2015-03-19 14:16 - 00080384 _____ () C:\Users\SoundBlaster2\Downloads\10714.xls
2015-03-18 08:08 - 2015-03-18 08:08 - 00144896 _____ () C:\Users\SoundBlaster2\Desktop\price offer.xls
2015-03-17 08:27 - 2015-03-17 08:27 - 00094582 _____ () C:\Users\SoundBlaster2\Downloads\quote-template.xlsx
2015-03-13 23:30 - 2015-03-13 23:45 - 00000000 _____ () C:\WINDOWS\SysWOW64\杴条
2015-03-11 15:16 - 2015-03-11 15:16 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2015-03-05 23:54 - 2015-03-05 23:54 - 00043975 _____ () C:\Users\SoundBlaster2\Downloads\4-months-3-weeks-and-2-days-2007-720p-bluray-dts-x264-ea-(Z2)-davd4m.zip
2015-03-05 23:52 - 2015-03-05 23:52 - 00033682 _____ () C:\Users\SoundBlaster2\Downloads\4.Luni.3.Saptamani.Si.2.Zile.2007.Z2.zip
2015-03-05 20:33 - 2015-03-05 20:33 - 00014835 _____ () C:\Users\SoundBlaster2\Downloads\[kickass.to]4.luni.3.saptamani.si.2.zile.dvdrip.aac.ro.torrent
2015-03-05 14:37 - 2015-03-05 14:50 - 99819841 _____ () C:\Users\SoundBlaster2\Downloads\GR_Pickup_Truck_Mock-Up (1).rar
2015-03-05 11:54 - 2015-03-05 11:54 - 00000007 _____ () C:\Users\SoundBlaster2\Downloads\GR_Pickup_Truck_Mock-Up.rar
2015-03-05 11:40 - 2015-03-05 11:40 - 00000000 ____D () C:\Program Files (x86)\IVONA
2015-03-05 11:37 - 2015-03-05 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2015-03-05 11:37 - 2015-03-05 11:38 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\IVONA Reader
2015-03-05 11:37 - 2015-03-05 11:37 - 00000797 _____ () C:\Users\Public\Desktop\IVONA Reader.lnk
2015-03-05 11:37 - 2015-03-05 11:37 - 00000000 ___RD () C:\Users\SoundBlaster2\Documents\IVONA Reader Podcasts
2015-03-04 17:38 - 2015-03-05 08:31 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\WinCL
2015-03-04 16:30 - 2015-03-04 16:30 - 00229376 _____ () C:\Users\SoundBlaster2\AppData\Roaming\Read Me Info.txt
2015-03-02 14:51 - 2015-03-02 14:51 - 00000913 _____ () C:\Users\SoundBlaster2\Desktop\µTorrent.lnk
2015-03-02 14:51 - 2015-03-02 14:51 - 00000893 _____ () C:\Users\SoundBlaster2\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-03-02 11:40 - 2015-03-25 08:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 11:40 - 2015-03-02 11:40 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\SoundBlaster2\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-02 11:40 - 2015-03-02 11:40 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-02 11:40 - 2015-03-02 11:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-02 11:40 - 2015-03-02 11:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-02 11:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-02 11:40 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-02 11:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-02 11:39 - 2015-03-02 11:39 - 00939355 _____ (company ) C:\Users\SoundBlaster2\Downloads\Malwarebytes Anti-Malware Premium 2.0.2.1012.exe
2015-03-02 10:17 - 2015-03-02 10:17 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-03-01 19:26 - 2015-03-01 19:26 - 00022802 _____ () C:\Users\SoundBlaster2\Downloads\VA-Pro Fm 90s Hits-PLeY.torrent
2015-03-01 19:23 - 2015-03-01 19:48 - 170674216 _____ (Emsisoft Ltd. ) C:\Users\SoundBlaster2\Downloads\EmsisoftAntiMalwareSetup.exe
2015-02-28 16:40 - 2015-03-25 09:16 - 00014728 _____ () C:\WINDOWS\PFRO.log
2015-02-27 09:14 - 2015-02-27 09:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\SoundBlaster2\Downloads\tdsskiller.exe
2015-02-27 08:21 - 2015-03-18 01:27 - 00002190 _____ () C:\WINDOWS\setupact.log
2015-02-27 08:21 - 2015-02-27 08:21 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-26 17:10 - 2015-02-26 17:10 - 00066048 _____ () C:\Users\SoundBlaster2\Downloads\MESSAGER à la Chapelle en Serval (1).xls
2015-02-26 17:02 - 2015-02-23 20:04 - 00001506 __RSH () C:\WINDOWS\system32\Drivers\etc\hosts.20150226-170219.backup
2015-02-26 17:01 - 2015-02-23 20:04 - 00001506 __RSH () C:\WINDOWS\system32\Drivers\etc\hosts.20150226-170151.backup
2015-02-26 16:46 - 2015-02-26 16:46 - 01402880 _____ () C:\Users\SoundBlaster2\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891 (1).msi
2015-02-26 08:19 - 2015-02-26 08:19 - 00003043 _____ () C:\Users\SoundBlaster2\Desktop\HiJackThis.lnk
2015-02-26 08:19 - 2015-02-26 08:19 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-02-26 08:19 - 2015-02-26 08:19 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2015-02-26 08:18 - 2015-02-26 08:18 - 01402880 _____ () C:\Users\SoundBlaster2\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2015-02-26 08:04 - 2015-03-02 10:52 - 00002279 _____ () C:\Users\SoundBlaster2\Desktop\Google Chrome.lnk
2015-02-26 08:02 - 2015-02-26 08:02 - 00000270 _____ () C:\WINDOWS\Sounds.h
2015-02-26 07:49 - 2015-02-26 07:53 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-25 22:57 - 2015-02-25 22:57 - 00504112 _____ () C:\Users\SoundBlaster2\Downloads\cacaoweb.exe
2015-02-25 14:47 - 2015-02-25 14:47 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Avg2014
2015-02-25 14:45 - 2015-02-25 14:45 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb
2015-02-25 10:09 - 2015-02-25 11:17 - 505544808 _____ () C:\Users\SoundBlaster2\Downloads\GR_Truck_Mock_Up.rar
2015-02-24 16:21 - 2015-02-24 16:21 - 00015682 _____ () C:\Users\SoundBlaster2\Downloads\VIR 26 K€.tif
2015-02-24 15:05 - 2015-02-24 15:05 - 00020314 _____ () C:\Users\SoundBlaster2\Downloads\IVONA Reader + IVONA Text to Speech MULTILANG - FiLELiST.torrent
2015-02-24 14:34 - 2015-02-24 14:34 - 00066048 _____ () C:\Users\SoundBlaster2\Downloads\MESSAGER à la Chapelle en Serval.xls
2015-02-24 14:09 - 2015-02-24 14:09 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-02-24 14:08 - 2015-03-02 14:49 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Citrix
2015-02-24 11:54 - 2015-02-24 11:55 - 04823833 _____ () C:\Users\SoundBlaster2\Downloads\GR_ModernArt_2_Photoshop_Action.rar
2015-02-23 16:54 - 2015-02-23 16:54 - 01657316 _____ () C:\Users\SoundBlaster2\Downloads\GR_Oil_Painting_Effect_Vol.03.rar
2015-02-23 16:05 - 2015-02-23 16:06 - 09315513 _____ () C:\Users\SoundBlaster2\Downloads\GR_25_HDR_Photo_FX_V.3_-_Photoshop_Action.rar
2015-02-23 14:40 - 2015-02-23 14:40 - 01368899 _____ () C:\Users\SoundBlaster2\Downloads\GR_Photo_Pop-Out_Creator.rar
2015-02-23 10:35 - 2015-02-23 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebExtractor360
2015-02-23 10:35 - 2015-02-23 10:35 - 00000000 ____D () C:\Program Files (x86)\WebExtractor360
2015-02-23 10:34 - 2015-02-23 10:34 - 00243875 _____ () C:\Users\SoundBlaster2\Downloads\WebExtractor360.zip
2015-02-23 09:36 - 2015-03-13 08:39 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Idvsoft
2015-02-23 09:35 - 2015-03-25 09:16 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Idcssoft
2015-02-23 09:33 - 2015-02-23 09:33 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\northworks.biz
2015-02-23 09:33 - 2015-02-23 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ECrawl Shareware
2015-02-23 09:33 - 2000-12-05 22:00 - 00209608 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-02-23 09:30 - 2015-02-23 09:32 - 01632679 _____ () C:\Users\SoundBlaster2\Downloads\ECrawl.v2.60.rar
2015-02-23 09:24 - 2015-02-23 09:25 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\Local Store
2015-02-23 09:21 - 2015-02-23 09:48 - 186845261 _____ () C:\Users\SoundBlaster2\Downloads\GR_Retro_Vintage_Text_Effects_10330477.rar
2015-02-23 09:20 - 2015-02-23 09:20 - 00015873 _____ () C:\Users\SoundBlaster2\Downloads\Super Email Extractor (1).torrent
2015-02-23 09:18 - 2015-02-23 09:18 - 00015879 _____ () C:\Users\SoundBlaster2\Downloads\Super Email Extractor.torrent
2015-02-23 08:39 - 2015-02-23 08:39 - 00015865 _____ () C:\Users\SoundBlaster2\Downloads\Atomic Email Hunter (1).torrent
2015-02-23 08:37 - 2015-02-23 08:37 - 00015865 _____ () C:\Users\SoundBlaster2\Downloads\Atomic Email Hunter.torrent
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-25 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-25 12:00 - 2013-08-20 13:40 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-03-25 12:00 - 2013-08-20 13:40 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-03-25 11:59 - 2015-01-22 16:45 - 02004897 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-25 11:30 - 2013-11-07 01:55 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 09:17 - 2013-11-06 20:04 - 00000073 _____ () C:\Users\SoundBlaster2\AppData\Roaming\sp_data.sys
2015-03-25 09:16 - 2013-11-07 01:55 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 09:16 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-25 09:16 - 2013-08-20 13:27 - 00000868 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-03-25 09:15 - 2013-11-07 02:02 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\uTorrent
2015-03-25 09:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\security
2015-03-25 08:45 - 2014-09-26 17:49 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2015-03-25 08:27 - 2014-09-04 08:18 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-25 08:19 - 2013-12-31 15:28 - 00003974 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1461E547-98FC-4A90-8DE7-508550600DD5}
2015-03-24 17:46 - 2013-11-06 20:29 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3588957260-3221095627-2875930436-1002
2015-03-24 16:31 - 2013-11-08 09:56 - 05175296 ___SH () C:\Users\SoundBlaster2\Downloads\Thumbs.db
2015-03-24 11:24 - 2013-11-07 16:36 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\ObviousIdea
2015-03-24 10:53 - 2013-11-26 16:56 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\EurekaLog
2015-03-23 17:57 - 2013-08-20 13:27 - 00000870 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-03-22 02:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-20 12:36 - 2014-08-25 16:49 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\Adobe
2015-03-19 14:08 - 2013-11-07 03:44 - 06126080 ___SH () C:\Users\SoundBlaster2\Desktop\Thumbs.db
2015-03-19 13:49 - 2013-11-07 17:09 - 00000000 ____D () C:\Users\SoundBlaster2\Desktop\Andrei
2015-03-17 15:44 - 2013-11-07 19:42 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Microsoft Help
2015-03-13 10:05 - 2014-09-24 17:21 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-11 15:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-11 09:05 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-11 08:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Resources
2015-03-06 15:44 - 2014-09-14 22:30 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-03-06 10:16 - 2013-12-21 08:48 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\vlc
2015-03-06 08:40 - 2014-09-14 22:30 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2015-03-05 09:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-04 19:03 - 2014-08-26 08:11 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Local\Adobe
2015-03-04 18:59 - 2014-10-21 09:19 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-03 09:35 - 2013-12-19 08:51 - 00000000 ____D () C:\Users\SoundBlaster2\Desktop\Photowork
2015-03-02 14:51 - 2014-01-09 19:08 - 00000000 ____D () C:\Program Files\ESET
2015-03-02 14:49 - 2014-07-06 16:18 - 00000000 ____D () C:\Users\SoundBlaster2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood
2015-03-02 14:49 - 2014-07-06 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
2015-03-02 14:48 - 2013-08-20 13:38 - 00000000 ____D () C:\Program Files\ASUS
2015-03-02 14:15 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-02 10:41 - 2014-07-17 12:48 - 01525193 _____ () C:\ProgramData\yvd_firefox_se.exe
2015-03-01 19:22 - 2014-07-17 12:48 - 02032503 _____ () C:\ProgramData\yvd_chrome_se.exe
2015-02-28 16:41 - 2014-07-17 12:48 - 00837543 _____ () C:\ProgramData\yvd_ie_se.exe
2015-02-28 16:39 - 2014-10-25 03:13 - 00000000 ____D () C:\Users\SoundBlaster2
2015-02-26 17:01 - 2014-07-31 18:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-26 09:56 - 2014-11-24 13:41 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-02-26 09:56 - 2014-09-04 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-02-25 14:46 - 2014-11-28 09:41 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
==================== Files in the root of some directories =======
2014-02-26 12:02 - 2014-02-26 14:02 - 0006830 _____ () C:\Users\SoundBlaster2\AppData\Roaming\Comma Separated Values (Windows).EML
2014-01-29 10:33 - 2014-01-29 10:33 - 0000021 _____ () C:\Users\SoundBlaster2\AppData\Roaming\my_intel.sys
2015-03-04 16:30 - 2015-03-04 16:30 - 0229376 _____ () C:\Users\SoundBlaster2\AppData\Roaming\Read Me Info.txt
2013-11-06 20:04 - 2015-03-25 09:17 - 0000073 _____ () C:\Users\SoundBlaster2\AppData\Roaming\sp_data.sys
2015-01-29 17:21 - 2015-01-29 17:21 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-07-17 12:48 - 2014-12-27 18:51 - 0761485 _____ () C:\ProgramData\ChromeTabExtension.crx
2013-04-26 00:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 00:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 00:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-07-07 12:40 - 2014-07-31 18:22 - 2212978 _____ () C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.0.exe
2014-08-16 15:14 - 2014-09-02 00:37 - 2214299 _____ () C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.1.exe
2014-09-06 10:36 - 2014-09-06 10:36 - 2465619 _____ () C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.3.exe
2014-09-10 05:45 - 2014-09-10 05:46 - 2465301 _____ () C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.4.exe
2014-09-13 10:08 - 2014-09-22 21:17 - 2465411 _____ () C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.5.exe
2014-07-17 12:48 - 2015-03-01 19:22 - 2032503 _____ () C:\ProgramData\yvd_chrome_se.exe
2014-07-17 12:48 - 2015-03-02 10:41 - 1525193 _____ () C:\ProgramData\yvd_firefox_se.exe
2014-07-17 12:48 - 2015-02-28 16:41 - 0837543 _____ () C:\ProgramData\yvd_ie_se.exe
2013-11-07 01:08 - 2013-11-07 01:11 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-11-07 01:07 - 2013-11-07 01:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.0.exe
C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.1.exe
C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.3.exe
C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.4.exe
C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.2.5.exe
C:\ProgramData\yvd_chrome_se.exe
C:\ProgramData\yvd_firefox_se.exe
C:\ProgramData\yvd_ie_se.exe
Some content of TEMP:
====================
C:\Users\SoundBlaster2\AppData\Local\Temp\dynwrapx.dll
C:\Users\SoundBlaster2\AppData\Local\Temp\mshta.exe
C:\Users\SoundBlaster2\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\SoundBlaster2\AppData\Local\Temp\sqlite3.exe
C:\Users\SoundBlaster2\AppData\Local\Temp\Uninst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-25 09:47
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by SoundBlaster2 at 2015-03-25 12:04:17
Running from C:\Users\SoundBlaster2\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 3.2.1 - Hewlett-Packard) Hidden
AceBackup 3 (HKLM-x32\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
adsl TV (HKLM-x32\...\{3AFDD2C6-8663-46B5-B195-6CEB00D44768}) (Version: 2013.1 - adsl TV / FM)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
A-PDF Data Extractor (HKLM-x32\...\A-PDF Data Extractor_is1) (Version: - A-PDF Solution)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arbortext IsoView 7.3 (HKLM-x32\...\{4BDE5481-42B1-4A16-AF98-31B9FB1AB7C5}) (Version: 7.3.00.15 - PTC)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.6 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Auto Inventory (HKLM-x32\...\Auto Inventory2.4) (Version: 2.4 - Computer Specialties)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies)
AVG 2015 (Version: 15.0.4315 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.3.0.879 - AVG Technologies)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.67.1076 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series User Registration (HKLM-x32\...\Canon MG2400 series User Registration) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Consult V4 RenaultTrucks (HKLM-x32\...\Consult V4 RenaultTrucks) (Version: - )
Consult VIN (HKLM-x32\...\Consult VIN) (Version: - )
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
ECrawl Shareware (HKLM-x32\...\ECrawl Shareware) (Version: - northworks.biz)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
eMail Extractor 3.2.0 (HKLM-x32\...\eMail Extractor_is1) (Version: - MAX Programming LLC)
Ethereal 0.99.0 (HKLM-x32\...\Ethereal) (Version: 0.99.0 - The Ethereal developer community, http://www.ethereal.com)
EZ YouTube Video Downloader (HKLM-x32\...\EZ YouTube Video Downloader) (Version: 1.2.0 - XtensionPlus) <==== ATTENTION
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gadwin PrintScreen (64-Bit) (HKLM\...\{2A271428-D127-40B1-9728-662DAA3472F6}) (Version: 5.3.1.0 - Gadwin Systems)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
ImTranslator for IE (HKLM-x32\...\ImTranslator for IE) (Version: - )
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iPhone Backup Extractor (HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\iPhone Backup Extractor) (Version: 5.1.9.0 - Reincubate Ltd)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.51 - IVONA Software Sp. z o.o.)
IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVONA Software Sp. z o.o.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Light Image Resizer 4.4.1.4 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.4.1.4 - ObviousIdea)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metal Slug Complete PC 1.0 (HKLM-x32\...\Metal Slug Complete PC) (Version: 1.0 - SNK PLAYMORE)
Microsoft Access 2000 SR-1 Runtime (HKLM-x32\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Management Objects Collection (HKLM\...\{5677B005-B609-4B5B-9F3C-132BB085D3CF}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{86177DAE-38B1-49DD-912E-35CB703AB779}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Multi (HKLM-x32\...\{7B2C1257-4965-4205-8EFC-71737AAE2C69}) (Version: 6.13.0 - Scania)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.27.1 - NETGEAR Inc.)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA Graphics Driver 311.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.66 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SopCast Tv Plugin 5.9 Setup (HKLM-x32\...\SopCast Tv Plugin 5.9 Setup) (Version: - )
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Totally Rad Dirty Pictures 1.5.1 (HKLM-x32\...\Totally Rad Dirty Pictures) (Version: 1.5.1 - Totally Rad!)
Tv_Online (HKLM-x32\...\Tv_Online) (Version: - Tv Online Uninstall)
Unity Web Player (HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Web Data Extractor 8.3 (HKLM-x32\...\{2D889173-0C85-4325-8EAE-E6B68BCA71B7}) (Version: 8.3.0.1 - spadixbd.com)
Westwood Shared Internet Components (HKLM-x32\...\WOLAPI) (Version: - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
11-03-2015 09:55:14 Scheduled Checkpoint
20-03-2015 03:58:23 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2015-03-25 08:45 - 00001509 _RASH C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
85.25.107.66 www.google-analytics.com.
85.25.107.66 google-analytics.com.
85.25.107.66 connect.facebook.net.
94.242.254.157 www.google-analytics.com.
94.242.254.157 google-analytics.com.
94.242.254.157 connect.facebook.net.
195.162.69.251 www.google-analytics.com.
195.162.69.251 google-analytics.com.
195.162.69.251 connect.facebook.net.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {08D94BB2-CF63-4159-83CB-F43945C93983} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {113699D2-12AE-49D5-8EDD-6CD5C36696A5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {12650F01-C4B4-48AE-9D0E-466E47F871E0} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2013-01-22] (ASUS)
Task: {12978E33-22AD-40FB-9BEE-D69DDA47C72C} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {314DC277-E453-460D-84C3-2BC2B28EAEF8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {36F27201-86AC-4123-BEB6-A59F2447CE9E} - System32\Tasks\NCH Software\InventoriaSchedBackup => C:\Program Files (x86)\NCH Software\Inventoria\Inventoria.exe
Task: {3A6643F2-1D41-4485-B6DB-CD34B7EFBDBF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3E95A098-A851-455E-8DA9-708E6816721C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {4FC8513B-E821-45CC-8EB9-F02118A89276} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {573E1ACB-80AD-4F66-A1C9-F7DB219AEBA7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {61F8546B-779F-4684-8618-6F49244F35D6} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 No Task File <==== ATTENTION
Task: {6201E03A-3626-4DC9-A33E-58168C3DC2CD} - System32\Tasks\{4D23D2A9-AB16-4AFB-9AE1-9DDEDA2CFDF8} => pcalua.exe -a F:\AutoStarter.exe -d F:\
Task: {81501A38-0080-4496-B094-43F6E4E058CD} - \FF Watcher {43B1C9E7-D441-4F3B-AC0D-3B1C27E5D758} No Task File <==== ATTENTION
Task: {85C48BF2-93DB-4E64-9565-E82C90CECA65} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {8A4A2C3D-DBD8-4C5A-9333-A0069C322BD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {9486BF60-C192-476F-8908-B39D961C4504} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {971BFCEA-BEE5-49B5-90B1-F3E09E2FCE08} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {A174FFAE-A60A-4DAB-BC23-35BB54B115FB} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {AFEABCD5-9353-4117-B72B-E249D1E47AF3} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid= ... mp;lang=en
Task: {CA33ED1A-6DD3-4DBD-BE43-53D9DF03B7F1} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION
Task: {DFBCA31F-E395-4A22-8DD4-8E4EAF0BB8BA} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {FF086CCE-2494-4634-A665-989BDA300987} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exeF--new-window http:/toolbar.avg.com/
==================== Loaded Modules (whitelisted) ==============
2013-11-12 10:50 - 2012-12-06 14:52 - 00136704 _____ () C:\WINDOWS\System32\zlhp2600.dll
2012-12-19 07:10 - 2012-12-19 07:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-02-25 14:46 - 2015-02-25 14:46 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
2012-04-16 14:45 - 2012-04-16 14:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2013-10-01 12:02 - 2013-10-01 12:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-04-16 11:42 - 2012-04-16 11:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 20:15 - 2011-08-15 20:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 16:41 - 2011-08-17 16:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 19:23 - 2011-08-15 19:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-04-16 11:41 - 2012-04-16 11:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 11:56 - 2012-04-16 11:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 11:38 - 2012-04-16 11:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2014-07-31 18:34 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-31 18:34 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-31 18:34 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-25 14:46 - 2015-02-25 14:46 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2014-07-31 18:34 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-31 18:34 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-07-19 16:05 - 2011-07-19 16:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 20:17 - 2011-08-15 20:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 16:04 - 2011-07-19 16:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2013-08-20 13:25 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-28 10:35 - 2014-03-28 10:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-03-21 15:31 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 15:31 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 15:31 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-01-10 02:05 - 2010-01-10 02:05 - 01040736 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2010-01-10 19:37 - 2010-01-10 19:37 - 00058208 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll
2015-03-21 15:31 - 2015-03-14 11:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3588957260-3221095627-2875930436-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\SoundBlaster2\Desktop\mock-up-truck-front.jpg
DNS Servers: 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "egui"
HKLM\...\StartupApproved\Run: => "V-bates"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Andy"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "NETGEARGenie"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "Gadwin PrintScreen (64-bit)"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "BluetoothS"
HKU\S-1-5-21-3588957260-3221095627-2875930436-1002\...\StartupApproved\Run: => "IVONA Reader"
==================== Accounts: =============================
Administrator (S-1-5-21-3588957260-3221095627-2875930436-500 - Administrator - Disabled)
Guest (S-1-5-21-3588957260-3221095627-2875930436-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3588957260-3221095627-2875930436-1004 - Limited - Enabled)
SoundBlaster2 (S-1-5-21-3588957260-3221095627-2875930436-1002 - Administrator - Enabled) => C:\Users\SoundBlaster2
UpdatusUser (S-1-5-21-3588957260-3221095627-2875930436-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/25/2015 10:25:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/25/2015 09:54:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/25/2015 09:48:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/24/2015 07:01:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/23/2015 09:20:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/23/2015 09:15:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/21/2015 03:47:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/20/2015 03:58:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(DefaultUserTemplate). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {51ce39d3-e790-47eb-8d64-ee7828b7b0de}
Error: (03/20/2015 03:30:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/19/2015 10:06:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
System errors:
=============
Error: (03/25/2015 10:25:48 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/25/2015 10:25:18 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/25/2015 10:20:33 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/25/2015 10:20:03 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/25/2015 10:15:07 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/25/2015 10:14:37 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/25/2015 09:54:46 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/25/2015 09:54:03 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/25/2015 09:48:24 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/25/2015 09:47:54 AM) (Source: DCOM) (EventID: 10010) (User: SoundBlaster)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Microsoft Office Sessions:
=========================
Error: (03/25/2015 10:25:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/25/2015 09:54:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/25/2015 09:48:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/24/2015 07:01:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/23/2015 09:20:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/23/2015 09:15:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/21/2015 03:47:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/20/2015 03:58:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(DefaultUserTemplate)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {51ce39d3-e790-47eb-8d64-ee7828b7b0de}
Error: (03/20/2015 03:30:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (03/19/2015 10:06:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 25%
Total physical RAM: 12165.73 MB
Available physical RAM: 9016.21 MB
Total Pagefile: 24453.73 MB
Available Pagefile: 20468.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.17 GB) (Free:249.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.6 GB) (Free:283.09 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:3.7 GB) (Free:3.62 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FE9A1DC4)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================