
Help in removing sheur4.aulg and various malwares..


  • This topic is locked
7 replies to this topic

#1 Sladare


Posted 08 February 2014 - 10:04 AM

I ran AVG Free Edition 2013 and it detected a sheur4.aulg in my system.

Despite removing it multiple times, it just keeps coming back. I am not sure if it is due to this virus, but my computer restarted by itself on several occasions, I can't access my regedit, my "Folder option" is gone, and all the folders in my external hard disk, which is connected to the infected computer, became shortcuts. I tried using OTL to generate a virus log but I was not able to run it. Please help, what can I do to fix this?

The operating system is Vista.


Edited by Sladare, 08 February 2014 - 10:07 AM.




#2 gringo_pr

  • Malware Response Team

Posted 08 February 2014 - 01:25 PM





Hello Sladare

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 Sladare

  • Topic Starter

Posted 10 February 2014 - 08:35 AM

Hello Gringo,

Thank you for the welcome and the prompt response, sorry for the late reply!

Here are the logs!
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-02-2014 03
Ran by sladare (administrator) on SLADARE-PC on 10-02-2014 21:29:25
Running from C:\Users\sladare\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(百度在线网络技术北京有限公司) C:\Program Files\Common Files\Baidu\BaiduProtect\1.2.0.47\BaiduProtect.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Creative Technology Ltd) C:\Windows\System32\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\System32\CTXFIHLP.EXE
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Gemalto N.V.) C:\Users\sladare\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Funshion Online Technologies Ltd.) C:\Program Files\Funshion Online\2.8.9.7\Funshion.exe
(酷狗音乐) C:\Program Files\KuGou\KuGou2010\KuGoo.exe
() C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\BaiduPlayer.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\WScript.exe
() C:\Program Files\KuWo\KWMUSIC\bin\kwmusic.exe
(BitLeader) C:\Program Files\lg_fwupdate\fwupdate.exe
(Creative Technology Ltd) C:\Windows\SYSTEM32\CTXFISPI.EXE
(酷狗计算机科技有限公司) C:\Program Files\KuGou\KuGou2010\kgdaemon.exe
() C:\Program Files\KuWo\KWMUSIC\bin\IESandBox.exe
() C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\BaiduP2PService.exe
(Funshion Online Technologies Ltd.) C:\Program Files\Funshion Online\2.8.9.7\FunshionService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Funshion Online\2.8.9.7\InnerWeb.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\KuWo\KWMUSIC\bin\KwService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM\...\Run: [LGODDFU] - C:\Program Files\lg_fwupdate\lgfw.exe [27760 2012-07-18] (Bitleader)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] - C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1628208 2007-05-15] (Nero AG)
HKLM\...\Run: [InCD] - C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328 2007-05-15] (Nero AG)
HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [180224 2006-12-06] (Creative Technology Ltd)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-02-05] ()
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256 2010-03-14] (RealNetworks, Inc.)
HKLM\...\Run: [DBAgent] - C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1516680 2012-11-08] (Seagate Technology LLC)
HKLM\...\Run: [kwmusic] - C:\Program Files\KuWo\KWMUSIC\Kwmusic.exe [548272 2012-09-13] (酷我科技)
HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [19456 2007-03-05] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [19968 2007-03-05] (Creative Technology Ltd)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3813712 2014-02-04] (LogMeIn Inc.)
HKLM\...\Policies\Explorer\Run: [winsys] - C:\Windows\winsys.exe No File
HKU\.DEFAULT\...\Run: [DevconDefaultDB] - C:\Windows\system32\READREG /SILENT /FAIL=1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [969104 2012-12-14] (BitTorrent, Inc.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [EPSON Stylus Office TX600FW(Network)] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEKL.EXE [188928 2008-03-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [Akamai NetSession Interface] - "C:\Users\sladare\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [SanDiskSecureAccess_Manager.exe] - C:\Users\sladare\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-09-12] (Gemalto N.V.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [Funshion] - C:\Program Files\Funshion Online\2.8.9.7\Funshion.exe [5193352 2014-01-26] (Funshion Online Technologies Ltd.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [kugou] - C:\Program Files\KuGou\KuGou2010\KuGoo.exe [5061232 2010-11-04] (酷狗音乐)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [BAIDUMEDIA] - C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\BaiduPlayer.exe [1328592 2012-12-18] ()
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [Uploader] - C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122032 2012-11-08] (Seagate Technology LLC)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Run: [0adf0] - C:\Users\sladare\AppData\Roaming\1cc91\0adf0.js [47706 2014-02-10] ()
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Policies\Explorer: [NofolderOptions] 1
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Policies\Explorer: [NoControlPanel] 1
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\MountPoints2: {466e578e-754f-11df-bc77-0019dbf62880} - G:\CONTROL.EXE
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\MountPoints2: {d50cc4f1-d59f-11de-bc00-0019dbf62880} - G:\StartPortableApps.exe --cdmenu
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\MountPoints2: {d50cc53f-d59f-11de-bc00-0019dbf62880} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL exiplorer.exe
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\MountPoints2: {dbfe8ab4-7694-11e3-b7af-0019dbf62880} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1694180103-1537940920-2146257652-1000\...\MountPoints2: {e6486991-f848-11e2-9436-0019dbf62880} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4240760 2010-09-23] (Microsoft Corporation)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\Run: [kugou] - C:\Program Files\KuGou\KuGou2010\KuGoo.exe [5061232 2010-11-04] (酷狗音乐)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\Run: [Funshion] - "C:\Program Files\Funshion Online\Funshion\Funshion.exe" startbywindows tray
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\MountPoints2: {41c809cb-a367-11de-a9ec-000d0b96b0aa} - G:\qfhozq.exe
HKU\S-1-5-21-1694180103-1537940920-2146257652-1001\...\MountPoints2: {466e578e-754f-11df-bc77-0019dbf62880} - G:\dvyxdk.exe
HKU\S-1-5-21-1694180103-1537940920-2146257652-1002\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1694180103-1537940920-2146257652-1002\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1002\...\Run: [EPSON TX600FW Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEKL.EXE [188928 2008-03-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1694180103-1537940920-2146257652-1002\...\MountPoints2: {466e578e-754f-11df-bc77-0019dbf62880} - G:\dvyxdk.exe
Startup: C:\Users\Rina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\funshion.lnk
ShortcutTarget: funshion.lnk -> C:\Program Files\Funshion Online\Funshion\Funshion.exe (No File)
Startup: C:\Users\sladare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=62002018_3_hao_pg
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = ǝ
耀ǝ牐ǝⷲ㤮耀ǝ
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x472426EC25DDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-sg
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.chatzum.com/?q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C887F60D-ED07-428C-A3A1-3CBB2F4FF099}&mid=37f476405783a317d745f32e866bf363-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-10-13 20:35:22&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14197&src=crm&q={searchTerms}&locale=en_US
SearchScopes: HKCU - {18EAB056-9057-F224-FD4C-1F6569C4D8D2} URL = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C887F60D-ED07-428C-A3A1-3CBB2F4FF099}&mid=37f476405783a317d745f32e866bf363-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-10-13 20:35:22&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.chatzum.com/?q={SearchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} -  No File
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\Windows\System32\KuGoo3DownXControl.ocx ()
Handler: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\Windows\System32\KuGoo3DownXControl.ocx ()
Handler: kuwo - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default
FF user.js: detected! => C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\user.js
FF NewTab: hxxp://home.sweetim.com/?src=97&barid={CFE05FD8-B961-11E1-8229-0019DBF62880}
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.hao123.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @ahnlab.com/asp/npaosmgr.1 - C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll (AhnLab, Inc.)
FF Plugin: @ahnlab.com/asp/npmkd25aos - C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @baidu.com/npxbdsetup - C:\Windows\Downloaded Program Files\1709937\npxbdsetup.dll ()
FF Plugin: @baidu.com/npxbdyy - C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\npxbdyy.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @funshion.com/npFunshion - C:\Users\sladare\funshion\funshiontools\npFunshion.dll No File
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.709 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.709 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.709 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @ahnlab.com/asp/npmkd25aos - C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\searchplugins\search-web.xml
FF SearchPlugin: C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: TVU Web Player - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\firefox@tvunetworks.com [2010-06-17]
FF Extension: DVDVideoSoft Menu - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010-08-26]
FF Extension: Funshion Player Extension - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\{D119EDE5-84F2-4204-927D-D8811DC193B9} [2013-06-08]
FF Extension: OneClickDownloader - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\OneClickDownload@OneClickDownload.com.xpi [2013-02-02]
FF Extension: Yontoo - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\plugin@yontoo.com.xpi [2013-03-06]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-09-20]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\sladare\AppData\Roaming\Mozilla\Firefox\Profiles\oa7evyi0.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-12-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-03-14]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-09]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\sladare\AppData\Roaming\IDM\idmmzcc3
FF Extension: IDM CC - C:\Users\sladare\AppData\Roaming\IDM\idmmzcc3 [2009-11-20]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: google.com.sg
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (AhnLab Online Security) - C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll (AhnLab, Inc.)
CHR Plugin: (AhnLab MyKeyDefense 2.5) - C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Adblock Plus) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-10-14]
CHR Extension: (Google Search) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Fast save) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoincddhgnedmchclkdggndobibobhm [2012-06-29]
CHR Extension: (New Tab) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn [2012-07-06]
CHR Extension: (AVG Security Toolbar) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-12-10]
CHR Extension: (Google Wallet) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\sladare\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-06-19]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-09]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\sladare\AppData\Local\Temp\YontooLayers.crx [2014-01-09]
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader10.crx [2012-06-05]
 
========================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-02-06] (Just Develop It)
S3 BaiduUpdater; C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe [1259440 2014-01-02] (Baidu.com, Inc.)
R2 BDSGRTP; C:\Program Files\Common Files\Baidu\BaiduProtect\1.2.0.47\BaiduProtect.exe [1170784 2014-01-18] (百度在线网络技术北京有限公司)
S2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S2 gupdate1ca3a17658e0b84; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-21] (Google Inc.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677648 2014-02-04] (LogMeIn Inc.)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896 2007-05-15] (Nero AG)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-04] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-07] (McAfee, Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [4513528 2012-08-14] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-09-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] ()
R2 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [15552 2012-11-08] (Seagate Technology LLC)
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-09] (AVG Secure Search)
S3 DAUpdaterSvc; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [X]
S2 FunshionSvr; C:\Users\sladare\funshion\funshiontools\FunshionSvr.dll [X]
S2 mysql; "C:\Users\sladare\Documents\Downloads\Programs\New Folder (2)\Server\mysql\bin\mysqld-nt" "--defaults-file=C:\Users\sladare\Documents\Downloads\Programs\New Folder (2)\Server\mysql\bin\my.cnf" mysql
 
==================== Drivers (Whitelisted) ====================
 
S3 1394hub; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 apf001; C:\Windows\system32\apf001.sys [10872 2012-04-07] ()
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [97296 2010-11-17] (Advanced Micro Devices)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-11] (AVG Technologies)
R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [70984 2014-01-18] (Baidu)
R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [183624 2014-01-18] (Baidu)
R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [83272 2014-01-18] (Baidu Technology)
R2 BUFADPT; C:\Windows\system32\BUFADPT.SYS [9600 2005-03-10] (BUFFALO INC.)
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [98616 2007-03-05] (Creative Technology Ltd)
R3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [170808 2007-03-05] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [552248 2007-03-05] (Creative Technology Ltd)
S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347144 2007-03-05] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [174392 2007-03-05] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [286520 2007-03-05] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [134968 2007-03-05] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [329528 2007-03-05] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [101176 2007-03-05] (Creative Technology Ltd)
R3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1323832 2007-03-05] (Creative Technology Ltd.)
R3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [73016 2007-03-05] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [566584 2007-03-05] (Creative Technology Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2008-12-13] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [118576 2007-05-15] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [37040 2007-05-15] (Nero AG)
U1 InCDrec; C:\Windows\system32\Drivers\InCDrec.sys [16304 2007-05-15] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38576 2007-05-15] (Nero AG)
S3 Mkd2kfNt; C:\Windows\System32\drivers\Mkd2kfNt.sys [133632 2009-10-13] (AhnLab, Inc.)
S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [79360 2009-07-13] (AhnLab, Inc.)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2012-03-25] (MotioninJoy)
S3 msloop; C:\Windows\System32\DRIVERS\loop.sys [6656 2008-01-21] (Microsoft Corporation)
S3 rak; C:\Windows\system32\rakion.sys [60928 2009-12-21] ()
S3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [300544 2009-06-19] (Ralink Technology Corp.)
S3 s217bus; C:\Windows\System32\DRIVERS\s217bus.sys [83496 2007-11-02] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2009-09-17] ()
S3 u2kg54; C:\Windows\System32\DRIVERS\rt2500usb.sys [139904 2004-06-22] (Ralink Technology Inc.)
U3 aar6yjx4; C:\Windows\system32\Drivers\aar6yjx4.sys [0 ] (Microsoft Corporation)
S1 BDMWrench; system32\DRIVERS\BDMWrench.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena\safedrv.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-10 21:29 - 2014-02-10 21:29 - 00040931 _____ () C:\Users\sladare\Desktop\FRST.txt
2014-02-10 21:26 - 2014-02-10 21:29 - 00000000 ____D () C:\FRST
2014-02-10 21:23 - 2014-02-10 21:24 - 01138688 _____ (Farbar) C:\Users\sladare\Desktop\FRST.exe
2014-02-09 18:44 - 2014-02-09 18:44 - 264674335 _____ () C:\Windows\MEMORY.DMP
2014-02-09 18:44 - 2014-02-09 18:44 - 00143016 _____ () C:\Windows\Minidump\Mini020914-01.dmp
2014-02-08 22:51 - 2014-02-08 22:51 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Downloads\OTL.scr
2014-02-08 22:51 - 2014-02-08 22:51 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Downloads\OTL.com
2014-02-08 22:47 - 2014-02-08 22:47 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Desktop\OTL.exe
2014-02-08 22:06 - 2014-02-08 22:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sladare\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 21:52 - 2014-02-08 21:52 - 00000492 _____ () C:\Users\sladare\Downloads\Enable_Folder_Options (1).reg
2014-02-08 21:51 - 2014-02-08 21:52 - 00000492 _____ () C:\Users\sladare\Desktop\Enable_Folder_Options.reg
2014-02-08 21:40 - 2014-02-08 21:40 - 00000297 _____ () C:\Users\sladare\Documents\sladare - Shortcut.lnk
2014-02-08 20:24 - 2014-02-09 10:21 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-02-08 20:24 - 2014-02-08 20:24 - 00001754 _____ () C:\Users\sladare\Desktop\Sync Folder.lnk
2014-02-08 20:24 - 2014-02-08 20:24 - 00000884 _____ () C:\Users\sladare\Desktop\MyPC Backup.lnk
2014-02-08 20:24 - 2014-02-08 20:24 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-08 20:23 - 2014-02-08 20:23 - 00742880 _____ () C:\Users\sladare\Downloads\AS_MAPLE_downloader.exe
2014-02-08 20:23 - 2014-02-08 20:23 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\systweak
2014-02-08 20:23 - 2014-02-08 20:23 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-02-08 20:23 - 2013-12-27 18:10 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2014-02-08 20:19 - 2014-02-08 20:19 - 00015816 _____ () C:\Users\sladare\Downloads\Chronicle_2012_SYNCFIXED_DVDRip_XviD-SPARKS_[NO_RAR][Seedpeer].torrent
2014-02-07 21:37 - 2014-02-07 21:37 - 00054977 _____ () C:\Users\sladare\Downloads\identity-thief_english-735167.zip
2014-02-07 17:46 - 2014-02-07 17:46 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-07 00:10 - 2014-02-07 00:10 - 00019737 _____ () C:\Users\sladare\Downloads\Identity_Thief_(2013)_[1080p].torrent
2014-02-05 16:05 - 2014-02-05 16:05 - 00035984 _____ () C:\Users\sladare\Downloads\ripd-rest-in-peace-department_english-805635.zip
2014-02-05 16:05 - 2014-02-05 16:05 - 00035984 _____ () C:\Users\sladare\Downloads\ripd-rest-in-peace-department_english-805635 (1).zip
2014-02-05 15:32 - 2014-02-05 15:32 - 00008264 _____ () C:\Users\sladare\Downloads\R_I_P_D__(2013)_720p_BrRip_x264_-_YIFY.torrent
2014-02-04 00:16 - 2014-02-04 00:16 - 00102907 _____ () C:\Users\sladare\Desktop\sub.txt
2014-02-02 20:56 - 2014-02-02 20:56 - 00145117 _____ () C:\Users\sladare\Downloads\Ender's_Game_2013_BRRip_720p_x264_AAC_-_KiNGDOM.torrent
2014-02-01 01:11 - 2014-02-01 01:11 - 00051056 _____ () C:\Users\sladare\Downloads\the-worlds-end_english-827145.zip
2014-01-26 18:27 - 2014-01-26 18:27 - 00000000 _____ () C:\sres.daw
2014-01-26 12:07 - 2014-01-26 12:08 - 10949787 _____ () C:\Users\sladare\Downloads\Outlook (32).zip
2014-01-26 12:07 - 2014-01-26 12:07 - 06513416 _____ () C:\Users\sladare\Downloads\Outlook (31).zip
2014-01-25 22:34 - 2014-01-25 22:34 - 00017572 _____ () C:\Users\sladare\Downloads\The_World's_End_(2013)_[1080p].torrent
2014-01-25 22:34 - 2014-01-25 22:34 - 00017572 _____ () C:\Users\sladare\Downloads\The_World's_End_(2013)_[1080p] (1).torrent
2014-01-24 20:05 - 2014-01-18 03:28 - 00083272 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.sys
2014-01-20 18:19 - 2014-01-20 18:20 - 00000000 __SHD () C:\1d3
2014-01-20 18:19 - 2014-01-20 18:19 - 00000000 __SHD () C:\Users\sladare\AppData\Roaming\1cc91
2014-01-20 18:19 - 2014-01-20 18:19 - 00000000 __SHD () C:\Program Files\03c
2014-01-20 13:06 - 2014-01-20 13:06 - 03988191 _____ () C:\Users\sladare\Downloads\Outlook (30).zip
2014-01-19 15:35 - 2014-01-19 15:36 - 00000000 ____D () C:\Users\sladare\Desktop\-CBBE-+feet 2_Female_Body_Mod_BBE_v0_2
 
==================== One Month Modified Files and Folders =======
 
2014-02-10 21:29 - 2014-02-10 21:29 - 00040931 _____ () C:\Users\sladare\Desktop\FRST.txt
2014-02-10 21:29 - 2014-02-10 21:26 - 00000000 ____D () C:\FRST
2014-02-10 21:29 - 2013-11-07 19:24 - 00000000 ____D () C:\Users\sladare\Desktop\New Folder (15)
2014-02-10 21:29 - 2009-09-17 19:34 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\uTorrent
2014-02-10 21:28 - 2013-03-23 02:12 - 00001680 _____ () C:\Users\sladare\Desktop\MapleStory.lnk
2014-02-10 21:28 - 2012-07-26 23:13 - 00000000 ____D () C:\Program Files\Steam
2014-02-10 21:24 - 2014-02-10 21:23 - 01138688 _____ (Farbar) C:\Users\sladare\Desktop\FRST.exe
2014-02-10 21:23 - 2009-09-21 01:39 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 21:18 - 2012-09-18 01:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-10 21:12 - 2013-04-28 20:41 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\Skype
2014-02-10 20:58 - 2008-01-21 09:35 - 01081700 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 20:08 - 2006-11-02 20:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 20:08 - 2006-11-02 20:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 19:13 - 2012-12-25 17:05 - 00002845 _____ () C:\Users\sladare\funshion.ini
2014-02-10 16:12 - 2012-12-18 22:44 - 00000305 _____ () C:\bdsecushr.dat
2014-02-10 16:11 - 2012-07-06 21:27 - 00000000 ____D () C:\Users\sladare\AppData\Local\LogMeIn Hamachi
2014-02-10 16:11 - 2009-09-17 16:07 - 00000366 _____ () C:\Windows\lgfwup.ini
2014-02-10 16:11 - 2009-09-17 16:07 - 00000000 ____D () C:\Program Files\lg_fwupdate
2014-02-10 16:10 - 2013-11-03 20:48 - 00000000 ____D () C:\Users\sladare\AppData\Local\HTC MediaHub
2014-02-10 16:10 - 2013-06-07 21:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-02-10 16:10 - 2009-09-21 01:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 16:10 - 2009-09-17 16:04 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-02-10 16:08 - 2006-11-02 21:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 14:58 - 2006-11-02 21:01 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-10 13:01 - 2010-11-27 12:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-09 23:02 - 2009-12-31 18:30 - 00000000 ___HD () C:\Users\sladare\Desktop\Bleach
2014-02-09 23:02 - 2009-10-02 23:14 - 00032768 _____ () C:\Users\sladare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-09 18:45 - 2009-12-26 01:42 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 18:44 - 2014-02-09 18:44 - 264674335 _____ () C:\Windows\MEMORY.DMP
2014-02-09 18:44 - 2014-02-09 18:44 - 00143016 _____ () C:\Windows\Minidump\Mini020914-01.dmp
2014-02-09 10:21 - 2014-02-08 20:24 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-02-08 22:51 - 2014-02-08 22:51 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Downloads\OTL.scr
2014-02-08 22:51 - 2014-02-08 22:51 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Downloads\OTL.com
2014-02-08 22:47 - 2014-02-08 22:47 - 00602112 _____ (OldTimer Tools) C:\Users\sladare\Desktop\OTL.exe
2014-02-08 22:06 - 2014-02-08 22:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sladare\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 21:52 - 2014-02-08 21:52 - 00000492 _____ () C:\Users\sladare\Downloads\Enable_Folder_Options (1).reg
2014-02-08 21:52 - 2014-02-08 21:51 - 00000492 _____ () C:\Users\sladare\Desktop\Enable_Folder_Options.reg
2014-02-08 21:40 - 2014-02-08 21:40 - 00000297 _____ () C:\Users\sladare\Documents\sladare - Shortcut.lnk
2014-02-08 21:26 - 2008-01-21 10:47 - 01072828 _____ () C:\Windows\PFRO.log
2014-02-08 20:41 - 2011-09-03 23:58 - 00000000 ____D () C:\Users\sladare\Downloads\Atom »
2014-02-08 20:28 - 2013-10-02 12:35 - 00000608 _____ () C:\Users\sladare\Desktop\Assassin's Creed Revelations (SP).lnk
2014-02-08 20:28 - 2013-10-02 12:35 - 00000608 _____ () C:\Users\sladare\Desktop\Assassin's Creed Revelations (PR).lnk
2014-02-08 20:28 - 2013-10-02 12:35 - 00000608 _____ () C:\Users\sladare\Desktop\Assassin's Creed Revelations (MP).lnk
2014-02-08 20:28 - 2013-01-11 22:23 - 00001678 _____ () C:\Users\Public\Desktop\Dishonored.lnk
2014-02-08 20:28 - 2012-07-14 18:25 - 00000722 _____ () C:\Users\sladare\Desktop\PLAY_PoRTaL - Shortcut.lnk
2014-02-08 20:28 - 2012-07-01 00:34 - 00001624 _____ () C:\Users\sladare\Desktop\Amnesia.lnk
2014-02-08 20:28 - 2009-11-14 12:22 - 00000691 _____ () C:\Users\sladare\Desktop\daorigins - Shortcut.lnk
2014-02-08 20:24 - 2014-02-08 20:24 - 00001754 _____ () C:\Users\sladare\Desktop\Sync Folder.lnk
2014-02-08 20:24 - 2014-02-08 20:24 - 00000884 _____ () C:\Users\sladare\Desktop\MyPC Backup.lnk
2014-02-08 20:24 - 2014-02-08 20:24 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-08 20:23 - 2014-02-08 20:23 - 00742880 _____ () C:\Users\sladare\Downloads\AS_MAPLE_downloader.exe
2014-02-08 20:23 - 2014-02-08 20:23 - 00000000 ____D () C:\Users\sladare\AppData\Roaming\systweak
2014-02-08 20:23 - 2014-02-08 20:23 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-02-08 20:19 - 2014-02-08 20:19 - 00015816 _____ () C:\Users\sladare\Downloads\Chronicle_2012_SYNCFIXED_DVDRip_XviD-SPARKS_[NO_RAR][Seedpeer].torrent
2014-02-07 21:37 - 2014-02-07 21:37 - 00054977 _____ () C:\Users\sladare\Downloads\identity-thief_english-735167.zip
2014-02-07 17:46 - 2014-02-07 17:46 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-07 17:46 - 2013-11-06 18:51 - 00000807 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-02-07 00:10 - 2014-02-07 00:10 - 00019737 _____ () C:\Users\sladare\Downloads\Identity_Thief_(2013)_[1080p].torrent
2014-02-05 16:05 - 2014-02-05 16:05 - 00035984 _____ () C:\Users\sladare\Downloads\ripd-rest-in-peace-department_english-805635.zip
2014-02-05 16:05 - 2014-02-05 16:05 - 00035984 _____ () C:\Users\sladare\Downloads\ripd-rest-in-peace-department_english-805635 (1).zip
2014-02-05 15:32 - 2014-02-05 15:32 - 00008264 _____ () C:\Users\sladare\Downloads\R_I_P_D__(2013)_720p_BrRip_x264_-_YIFY.torrent
2014-02-05 14:18 - 2012-09-18 01:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 14:18 - 2011-09-03 23:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 00:05 - 2012-10-13 20:34 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-02-04 00:16 - 2014-02-04 00:16 - 00102907 _____ () C:\Users\sladare\Desktop\sub.txt
2014-02-04 00:16 - 2013-10-01 20:56 - 00000000 ____D () C:\Users\sladare\Desktop\Intern Reports
2014-02-02 20:56 - 2014-02-02 20:56 - 00145117 _____ () C:\Users\sladare\Downloads\Ender's_Game_2013_BRRip_720p_x264_AAC_-_KiNGDOM.torrent
2014-02-01 18:08 - 2009-10-02 23:14 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-02-01 02:26 - 2012-07-20 23:31 - 00000000 ____D () C:\Users\sladare\Desktop\Mass_effect_2_agb_rip
2014-02-01 01:14 - 2013-06-21 17:06 - 00000000 ____D () C:\Users\sladare\Desktop\WISP
2014-02-01 01:11 - 2014-02-01 01:11 - 00051056 _____ () C:\Users\sladare\Downloads\the-worlds-end_english-827145.zip
2014-01-30 22:06 - 2006-11-02 18:33 - 00817398 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-27 19:28 - 2010-03-03 22:48 - 00000000 ____D () C:\Users\sladare\funshion
2014-01-26 18:30 - 2013-10-17 09:29 - 00000000 ____D () C:\Users\Public\Fundata
2014-01-26 18:27 - 2014-01-26 18:27 - 00000000 _____ () C:\sres.daw
2014-01-26 18:27 - 2013-10-17 09:29 - 00001009 _____ () C:\Users\Public\Desktop\风行.lnk
2014-01-26 18:27 - 2012-12-25 17:05 - 00000647 _____ () C:\Windows\system32\funshion.ini
2014-01-26 18:27 - 2010-03-03 22:48 - 00000000 ____D () C:\Program Files\Funshion Online
2014-01-26 12:08 - 2014-01-26 12:07 - 10949787 _____ () C:\Users\sladare\Downloads\Outlook (32).zip
2014-01-26 12:07 - 2014-01-26 12:07 - 06513416 _____ () C:\Users\sladare\Downloads\Outlook (31).zip
2014-01-25 22:34 - 2014-01-25 22:34 - 00017572 _____ () C:\Users\sladare\Downloads\The_World's_End_(2013)_[1080p].torrent
2014-01-25 22:34 - 2014-01-25 22:34 - 00017572 _____ () C:\Users\sladare\Downloads\The_World's_End_(2013)_[1080p] (1).torrent
2014-01-20 18:20 - 2014-01-20 18:19 - 00000000 __SHD () C:\1d3
2014-01-20 18:19 - 2014-01-20 18:19 - 00000000 __SHD () C:\Users\sladare\AppData\Roaming\1cc91
2014-01-20 18:19 - 2014-01-20 18:19 - 00000000 __SHD () C:\Program Files\03c
2014-01-20 13:06 - 2014-01-20 13:06 - 03988191 _____ () C:\Users\sladare\Downloads\Outlook (30).zip
2014-01-19 15:36 - 2014-01-19 15:35 - 00000000 ____D () C:\Users\sladare\Desktop\-CBBE-+feet 2_Female_Body_Mod_BBE_v0_2
2014-01-19 15:35 - 2013-09-27 21:52 - 00000000 ____D () C:\Users\sladare\Desktop\cardhunter2
2014-01-18 03:28 - 2014-01-24 20:05 - 00083272 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.sys
2014-01-18 03:28 - 2013-12-17 20:20 - 00183624 _____ (Baidu) C:\Windows\system32\Drivers\bd0004.sys
2014-01-18 03:28 - 2013-12-17 20:20 - 00070984 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
2014-01-16 19:44 - 2009-09-17 18:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 19:42 - 2013-08-14 19:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 19:30 - 2006-11-02 18:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
 
Files to move or delete:
====================
C:\Users\sladare\jagex_cl_runescape_LIVE.dat
C:\Users\sladare\jagex_runescape_preferences.dat
C:\Users\sladare\jagex_runescape_preferences2.dat
 
 
Some content of TEMP:
====================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-10 16:17
 
==================== End Of Log ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-02-2014 03
Ran by sladare at 2014-02-10 21:30:53
Running from C:\Users\sladare\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (Version:  - Microsoft)
¿á¹·ÒôÀÖ2010(Õýʽ°æ) (Version: 6.2.01 - ¿á¹·ÒôÀÖ)
¿áÎÒÒôÀÖ 2012 (Version: 6.2.0.8 - ¿áÎҿƼ¼)
µTorrent (Version: 1.8.4 - )
1ClickDownloader (Version: 2.7 Build 26473 - 1ClickDownload) <==== ATTENTION
7-Zip 4.65 (Version:  - )
Acrobat.com (Version: 1.7.186 - Adobe Systems Incorporated)
Acrobat.com (Version: 1.7.186 - Adobe Systems Incorporated) Hidden
Adobe AIR (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8900 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.4.5 (Version: 9.4.5 - Adobe Systems Incorporated)
Aeria Ignite (Version: 1.10.1721 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.10.1721 - Aeria Games & Entertainment) Hidden
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
AhnLab Online Security (Version:  - AhnLab, Inc)
Aion (HKCU Version:  - NCsoft)
Amnesia - The Dark Descent  (Version: 1.0.0 - Frictional Games)
Apple Application Support (Version: 1.2.1 - Apple Inc.)
Apple Mobile Device Support (Version: 3.0.0.102 - Apple Inc.)
Apple Software Update (Version: 2.1.2.120 - Apple Inc.)
Assassin's Creed Brotherhood (Version: 1.00 - Ubisoft)
Assassin's Creed II (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations (Version:  - R.G. Mechanics, spider91)
Assassin's Creed Revelations (Version: 1.01 - Ubisoft)
ATI AVIVO Codecs (Version: 11.6.0.51125 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.804.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.804.0 - ATI Technologies) Hidden
AVG 2013 (Version: 13.0.3462 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3697 - AVG Technologies) Hidden
AVG 2013 (Version: 2013.0.3462 - AVG Technologies)
AVG Security Toolbar (Version: 17.3.0.49 - AVG Technologies)
BaiduPlayer1.19.0.78 (Version: 1.19.0 - Baidu Online Network Technology (Beijing) Co., Ltd.)
Battle For Troy (Version:  - )
Bigasoft MKV Converter 3.7.50.5067 (Version:  - Bigasoft Corporation)
Bonjour (Version: 2.0.0.34 - Apple Inc.)
Borderlands (Version:  - Gearbox Software)
Borderlands 2 (Version:  - Gearbox Software)
Burnout™ Paradise The Ultimate Box (Version: 1.0.0.0 - Electronic Arts)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.1125.2148.39102 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.1125.2148.39102 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.1125.2148.39102 - ATI) Hidden
Catalyst Control Center Profiles Desktop (Version: 2010.1125.2148.39102 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Czech (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Danish (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Dutch (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help English (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Finnish (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help French (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help German (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Greek (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Hungarian (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Italian (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Japanese (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Korean (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Norwegian (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Polish (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Portuguese (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Russian (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Spanish (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Swedish (Version: 2010.1125.2147.39102 - ATI) Hidden
CCC Help Thai (Version: 2010.1125.2147.39102 - ATI) Hidden
ccc-core-static (Version: 2010.1125.2148.39102 - ATI) Hidden
ccc-utility (Version: 2010.1125.2148.39102 - ATI) Hidden
Cheat Engine 6.1 (Version:  - Dark Byte)
Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0 - CCCP Project)
ComicRack v0.9.156 (Version: v0.9.156 - cYo Soft)
Counter-Strike 1.6 (Version:  - )
Creative MediaSource 5 (Version: 5.00 - )
Creative Software AutoUpdate (Version:  - )
Creative System Information (Version:  - )
Cucusoft Ultimate Video Converter 7.18 (Version:  - Cucusoft, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Toolbar (Version: 1.0.8.0552 - DT Soft Ltd) <==== ATTENTION
Dawn of War - Soulstorm (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (Version: 1.00.0000 - THQ) Hidden
Dishonored (Version:  - )
DivX Codec (Version: 6.8.5 - DivX, Inc.)
DivX Player (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (Version:  - DivX, Inc.)
DivX Subtitle Displayer 5.00 (Version:  - CooolSoft, Inc.)
DivX Web Player (Version: 1.5.0 - DivX,Inc.)
Dota 2 (Version:  - )
Dragon Age: Origins (Version: 1.03 - Electronic Arts, Inc.)
Dragon Nest SEA (Version: 1.33.0000 - Shanda Games International)
DVD Suite (Version: 5.0.1319 - CyberLink Corporation)
EA Download Manager (Version: 4.0.0.462 - Electronic Arts)
EA Download Manager (Version: 4.0.0.462 - Electronic Arts) Hidden
Eden Eternal (Version:  - )
Enemy Territory - QUAKE Wars™ (Version: 1.0 - Activision)
Enemy Territory - QUAKE Wars™ (Version: 1.0 - Activision) Hidden
Enemy Territory - QUAKE Wars™ Demo 2 (Version: 2.0 - Activision)
Enemy Territory - QUAKE Wars™ Demo 2 (Version: 2.0 - Activision) Hidden
Epson Easy Photo Print 2 (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (Version: 2.01.00 - SEIKO EPSON Corporation)
EPSON Stylus Office BX600FW_Office TX600FW_SX600FW Manual (Version:  - )
EPSON TX600FW Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V3 (Version: 3.1a - SEIKO EPSON CORPORATION)
EpsonNet Print (Version: 2.4h - SEIKO EPSON CORPORATION)
Fable - The Lost Chapters (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Fable III (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fallout Mod Manager 0.13.21 (Version:  - Q, Timeslip)
Fraps (Version:  - )
Free Mouse Auto Clicker 3.0 (Version:  - Advanced Mouse Auto Clicker ltd.)
Free YouTube to iPod Converter version 3.8 (Version:  - DVDVideoSoft Limited.)
FrostWire 4.18.5 (Version: 4.18.5.0 - FrostWire, LLC)
Full Tilt Poker (Version: 4.48.3.WIN.FullTilt.COM - )
Funshion (Version: 2.8.9.7 - 北京风行在线技术有限公司)
Game Booster (Version: 1.2.2.0 - IObit)
Garena - BlackShot (Version: update_2_143 - Garena Online Pte Ltd.)
Garena 2010 (Version: 2010 - Garena Online Pte Ltd.)
Garena Plus (Version: 2011 - Garena Online Pte Ltd.)
GifToFlashConverter 1.6 (Version:  - 789soft, Inc.)
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto IV (Version: 1.00.0000 - Rockstar Games)
Halo 2 (Version: 1.00.0000 - Microsoft Games)
HTC Driver Installer (Version: 4.8.0.002 - HTC Corporation)
HTC Sync Manager (Version: 2.3.32.0 - HTC)
HydraVision (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0003 - SweetIM Technologies Ltd.) <==== ATTENTION
IPTInstaller (Version: 4.0.8 - HTC)
iTunes (Version: 9.1.0.79 - Apple Inc.)
Java 7 Update 7 (Version: 7.0.70 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (Version: 6.0.170 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
League of Legends (Version: 1.25.000 - Riot Games) Hidden
LG ODD Auto Firmware Update (Version: 10.01.0712.01 - )
LogMeIn Hamachi (Version: 2.2.0.130 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.130 - LogMeIn, Inc.) Hidden
Lords of the Realm III (Version: 1.00.000 - )
Magic ISO Maker v5.5 (build 0276) (Version:  - )
MagicDisc 2.7.106 (Version:  - )
MapleStory (Version:  - )
MapleStorySEA (Version:  - )
Mass Effect 2 (Version:  - )
Max Payne 3 (Version: 1.0.0.0 - Rockstar Games)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Messenger Plus! Live (Version: 4.84.0.382 - Yuna Software)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
mkv2vob (Version: 2.4.9 - 3r1c)
Monkey's Audio (Version:  - )
MotioninJoy Gamepad tool 0.7.0000 (Version: 0.7.0000 - www.motioninjoy.com)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (Version:  - JDi Backup Ltd) <==== ATTENTION
NCsoft Launcher (Version: 1.5.19002 - NCsoft)
Nero 7 Essentials (Version: 7.03.0546 - Nero AG)
Nexus Mod Manager (Version: 0.45.6 - Black Tree Gaming)
NVIDIA PhysX (Version: 9.11.1111 - NVIDIA Corporation)
OF Dragon Rising (Version: 1.00.0000 - Codemasters)
OpenAL (Version:  - )
Pando Media Booster (Version: 2.6.0.8 - Pando Networks Inc.)
PokerStars (Version:  - PokerStars)
PowerDVD (Version: 7.0.2414.0 - CyberLink Corporation)
PowerProducer (Version:  - )
PPStream V2.7.0.1080 Final (Version: 2.7.0.1080 - PPStream, Inc.)
PunkBuster Services (Version: 0.990 - Even Balance, Inc.)
QuickTime (Version: 7.66.71.0 - Apple Inc.)
QvodPlayer(QVOD) v3.5 (Version: 3.5 - Shenzhen Qvod Technology Co.,Ltd)
RealPlayer (Version:  - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
RebirthRO (Version: 1.00.0000 - Rebirth BV)
RegClean Pro (Version: 6.21 - Systweak Inc) <==== ATTENTION
Rockstar Games Social Club (Version: 1.00.0000 - Rockstar Games)
SAMSUNG Mobile Modem Driver Set (Version:  - )
Samsung Mobile phone USB driver Software (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (Version:  - )
SAMSUNG Mobile USB Modem Software (Version:  - )
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SanDiskSecureAccess_Manager.exe (HKCU Version: 1.1.19755 - Gemalto N.V.)
Scribblenauts Unlimited (Version:  - )
Seagate Dashboard 2.0 (Version: 2.2.15.0 - Seagate)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Serious Sam 3: BFE (Version:  - Croteam)
Shaiya(US) (Version: 1.0 - AeriaGames)
Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster X-Fi (Version: 1.0 - )
StarCraft II (Version: 1.0.3.16291 - Blizzard Entertainment)
Steam (Version: 1.0.0.0 - Valve Corporation)
SweetIM for Messenger 3.7 (Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
The Sims 2 (Version:  - )
Torchlight (Version: 1.0.69.23 - )
Total Video Converter 3.10 (Version:  - EffectMatrix Inc.)
TVUPlayer 2.5.3.1 (Version: 2.5.3.1 - TVU networks)
Ubisoft Game Launcher (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (Version:  - Microsoft)
Update Manager for SweetPacks 1.0 (Version: 1.0.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
Update Service (Version: 2.10.7.15 - Sony Ericsson Mobile Communications AB)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (Version: 2.0.1 - VideoLAN)
Warcraft III (Version:  - )
Warcraft III: All Products (HKCU Version:  - )
Winamp (Version: 5.572  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR archiver (Version:  - )
World in Conflict (Version: 1.0.0.0 - Massive Entertainment AB)
World of Warcraft (Version: 3.2.2.10505 - Blizzard Entertainment)
Yontoo 1.10.02 (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
百度浏览器 (Version: 2.70 预览版 - 百度在线网络技术北京有限公司)
 
==================== Restore Points  =========================
 
09-02-2014 11:23:36 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2006-11-02 18:23 - 2010-11-02 22:29 - 00002625 ____A C:\Windows\system32\Drivers\etc\hosts
 
There are 27 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {107B392D-815C-40F6-8E65-667BD407E042} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {18D4175F-5D4B-47C9-B605-ED0DB0D90F21} - System32\Tasks\Funshion\FSPlatform => C:\Users\sladare\funshion\funshiontools\FSPAP.exe
Task: {1952D607-367A-4CE1-A535-137A260C0B60} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{514B8C69-BEA7-43A9-BBED-FDA540DABFCF}.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1DF3E820-5DF5-46CE-B910-F96B87C55B11} - System32\Tasks\RealCreateProcessScheduledTask2543500S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {2DC05C81-C4FC-4781-8BB7-8CAFF02D3A0F} - System32\Tasks\RealCreateProcessScheduledTask18014890S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {2FE2C63F-39C4-4B74-BF40-1B6E50A36E59} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1694180103-1537940920-2146257652-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {315CF7DF-9DA7-4C1F-90BC-85E0466A1F4D} - System32\Tasks\sladare => C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe [2012-11-08] (Seagate Technology LLC)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3B4D4042-83F4-41EA-A99C-71DFA9172208} - System32\Tasks\InstallShield Software update service => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-08-09] (InstallShield Software Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4D4CA77F-2484-4B4A-9FE5-7B57C130F23D} - System32\Tasks\RealCreateProcessScheduledTask20095312S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {59A692FD-F76B-4A04-8A7C-29F3848455B0} - System32\Tasks\BaiduBrowserUpdater => C:\Program Files\Baidu\BaiduBrowser\bdupdate.exe [2014-01-02] (Baidu.com, Inc.)
Task: {600629F1-A004-4870-B301-C5C6DFE46D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21] (Google Inc.)
Task: {66325913-950E-4C24-B891-995801D28B2F} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {748631E7-3D26-4B98-A1BD-E2EF2058C11E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {8A9173BF-D7CC-46C0-A839-87AADAD8BFDD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1694180103-1537940920-2146257652-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {93F22517-3863-4672-A2E0-61C82E8D397F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21] (Google Inc.)
Task: {963FF781-103D-4A06-82A6-912D92479FB1} - System32\Tasks\RealCreateProcessScheduledTask1570906S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {998ADC5B-912B-478C-83C7-4FAF6FD456CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {9AE96CA9-5F00-42B9-A310-41E434F6DF27} - System32\Tasks\{8F122196-F189-4DE1-AA80-4CC76BA99FD7} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/en/abandoninstall?page=tsMain
Task: {A610590C-D46D-4674-A02D-37E6F6D02FDE} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-05] (Adobe Systems Incorporated)
Task: {AD21D350-AE59-46E1-B99C-E0BCD2D4379C} - System32\Tasks\RealCreateProcessScheduledTask22785140S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {ADC4DDE6-B3F2-41F5-B8D6-4307AB303B30} - System32\Tasks\InstallShield Software online update program => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2004-08-09] (InstallShield Software Corporation)
Task: {B457CA10-ABD8-4D74-B5B7-BAB512F0CC8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {B7737640-D30B-4A8D-9DEA-39BC7FE24FD8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1694180103-1537940920-2146257652-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {BB934EF0-304A-48E2-96E0-F6E19EA10C23} - System32\Tasks\sladare Merge => C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe [2012-11-08] (Seagate Technology LLC)
Task: {C9C2B673-4477-478D-9AF5-99B7626D0204} - System32\Tasks\RealCreateProcessScheduledTask89500S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {CF696ACA-1D5F-43BC-BFA7-9EAA8584F0C7} - System32\Tasks\{4F09B035-47C0-4294-8E50-5AED3B711CCF} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsMain
Task: {E1727A2F-E930-4DED-BFD5-28DC46BEE56D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {E4E0E591-A24B-4EB9-BCAA-7CC284475EF9} - System32\Tasks\RealCreateProcessScheduledTask426781S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EB275674-0849-4AA5-BD83-30C287BD590D} - System32\Tasks\RealCreateProcessScheduledTask1572843S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {F26FD26F-C529-478D-A9FD-A54D6DCCC18B} - System32\Tasks\RealCreateProcessScheduledTask153234S-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-14] (RealNetworks, Inc.)
Task: {FA171B7D-79AA-49F6-B653-1B5434F104AC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1694180103-1537940920-2146257652-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: {FF4AFCED-2FEA-4CEF-9E6B-745C8EE774A7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1694180103-1537940920-2146257652-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{514B8C69-BEA7-43A9-BBED-FDA540DABFCF}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-11-26 10:15 - 2010-11-26 10:15 - 00023040 _____ () C:\Windows\system32\atitmpxx.dll
2009-09-17 18:04 - 2009-08-16 17:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2013-10-17 17:09 - 2013-10-17 17:09 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2009-09-17 17:09 - 2007-01-09 17:05 - 00067072 ____N () C:\Windows\system32\CmdRtr.dll
2009-09-17 17:09 - 2007-02-12 09:22 - 00105472 ____N () C:\Windows\system32\APOMngr.dll
2012-10-13 20:34 - 2014-02-05 00:05 - 02552856 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-01-09 21:36 - 2014-01-09 21:35 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2009-09-17 17:10 - 2007-03-05 15:09 - 00003072 _____ () C:\Windows\CTXFIRES.DLL
2012-02-15 07:05 - 2012-02-15 07:37 - 11796096 _____ () C:\Users\sladare\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2012-12-18 17:23 - 2012-12-18 17:23 - 01328592 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\BaiduPlayer.exe
2012-12-18 17:23 - 2012-12-18 17:23 - 00750216 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\XDownloader.dll
2012-12-18 17:23 - 2012-12-18 17:23 - 01594832 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\bdplayer.dll
2012-12-18 17:23 - 2012-12-18 17:23 - 00394704 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\statistics.dll
2012-09-13 14:37 - 2012-09-13 14:37 - 00602544 _____ () C:\Program Files\KuWo\KWMUSIC\bin\kwmusic.exe
2012-09-13 14:38 - 2012-09-13 14:38 - 00056752 _____ () C:\Program Files\KuWo\KWMUSIC\bin\Zlib.dll
2012-09-13 14:35 - 2012-09-13 14:35 - 00726448 _____ () C:\Program Files\KuWo\KWMUSIC\bin\DuiLib.dll
2012-09-13 14:35 - 2012-09-13 14:35 - 00031664 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwHttp.dll
2012-09-13 14:35 - 2012-09-13 14:35 - 00038832 _____ () C:\Program Files\KuWo\KWMUSIC\bin\IEProxy.dll
2012-09-13 14:37 - 2012-09-13 14:37 - 00063408 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwServiceProxy.dll
2012-09-13 14:37 - 2012-09-13 14:37 - 00256944 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwModUser.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00204720 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UINowPlaying.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00558512 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UIPlaylist.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00311728 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UIPlayControl.dll
2012-09-13 14:37 - 2012-09-13 14:37 - 00063408 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwSongCache.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00311216 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UIDownload.dll
2012-09-13 14:36 - 2012-09-13 14:36 - 00222128 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwModSkinManage.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00581552 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UINetSong.dll
2012-09-13 14:35 - 2012-09-13 14:35 - 00035248 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KuwoSyncMobile.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00243632 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UIMiniPanel.dll
2012-09-13 14:38 - 2012-09-13 14:38 - 00102320 _____ () C:\Program Files\KuWo\KWMUSIC\bin\UIDeskLyric.dll
2012-09-13 14:36 - 2012-09-13 14:36 - 00035760 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwModUpdateWeb.dll
2012-09-13 14:35 - 2012-09-13 14:35 - 00398256 _____ () C:\Program Files\KuWo\KWMUSIC\bin\IESandBox.exe
2012-12-18 17:23 - 2012-12-18 17:23 - 00516744 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\BaiduP2PService.exe
2012-12-18 17:23 - 2012-12-18 17:23 - 00211880 _____ () C:\Program Files\Baidu\BaiduPlayer\1.19.0.78\XLog.dll
2014-02-06 23:19 - 2014-02-06 23:19 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2014-02-06 23:13 - 2014-02-06 23:13 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2014-02-04 12:28 - 2014-02-02 07:42 - 04055368 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 12:28 - 2014-02-02 07:42 - 00399688 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 12:28 - 2014-02-02 07:41 - 01634632 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-04 12:28 - 2014-02-02 07:42 - 13616456 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
2014-01-26 18:27 - 2014-01-26 18:27 - 00989832 _____ () C:\Program Files\Funshion Online\2.8.9.7\InnerWeb.exe
2014-01-19 13:47 - 2014-01-19 13:47 - 04591616 _____ () C:\Users\sladare\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-01-19 13:47 - 2014-01-19 13:47 - 00112128 _____ () C:\Users\sladare\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
2012-09-13 14:37 - 2012-09-13 14:37 - 00037808 _____ () C:\Program Files\KuWo\KWMUSIC\bin\KwService.exe
2012-09-13 14:40 - 2012-09-13 14:40 - 00246704 _____ () C:\Program Files\KuWo\KWMUSIC\bin\plugin\IN_MP4.DLL
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows\System32:PI.EXE
AlternateDataStreams: C:\Users\sladare\Desktop\17072010004.MP4:TOC.WMV
AlternateDataStreams: C:\Users\sladare\Downloads\Explosiv - DAS MAGAZIN - RTL.de.flv:TOC.WMV
AlternateDataStreams: C:\Users\sladare\Downloads\[HorribleSubs]_Kateikyoushi_Hitman_Reborn_-_172_[480p].mkv:TOC.WMV
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft 6to4 Adapter #2
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft 6to4 Adapter #4
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft 6to4 Adapter #5
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/10/2014 01:03:48 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module Zhongshan.dll, version 1.0.0.5, time stamp 0x52aaa301, exception code 0xc0000005, fault offset 0x0000da50,
process id 0x1a24, application start time 0xrundll32.exe0.
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 06:51:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/09/2014 10:55:28 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SLADARE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (02/10/2014 04:14:42 PM) (Source: Service Control Manager) (User: )
Description: HTCMonitorService1
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: mysql%%3
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: FSServicePlatform%%126
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: Computer Backup (MyPC Backup)%%1053
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: 30000Computer Backup (MyPC Backup)
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: EpsonBidirectionalService%%1053
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: 30000EpsonBidirectionalService
 
Error: (02/10/2014 04:09:10 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall13 (0xD)
 
Error: (02/10/2014 02:57:54 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5
 
Error: (02/10/2014 01:02:06 PM) (Source: Service Control Manager) (User: )
Description: HTCMonitorService1
 
 
Microsoft Office Sessions:
=========================
Error: (08/19/2013 05:50:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1477 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (05/10/2012 00:09:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 313 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (01/24/2012 11:34:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2425 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (01/24/2012 11:34:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2368 seconds with 60 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-10 21:29:47.565
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:47.337
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:47.162
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:47.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:46.786
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:46.575
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:46.359
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-10 21:29:46.182
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-09 18:47:24.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys.do because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-09 18:47:24.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys.do because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 65%
Total physical RAM: 3326.58 MB
Available physical RAM: 1146.26 MB
Total Pagefile: 6848.29 MB
Available Pagefile: 4235.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.01 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:298.09 GB) (Free:1.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive i: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:550.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E01F59AE)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: F64C8A7D)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 gringo_pr


Posted 10 February 2014 - 12:54 PM



Hello Sladare

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Sladare


Posted 14 February 2014 - 10:19 AM

Hey, sorry, I would need more time! I have a presentation to rush for next Wednesday! I would do this next Wednesday, okay? Thanks for your time (: !



#6 gringo_pr


Posted 14 February 2014 - 10:37 AM

No problem and I will be here when you are ready


gringo

#7 gringo_pr


Posted 21 February 2014 - 08:17 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#8 gringo_pr


Posted 27 February 2014 - 08:46 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



