Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Programs Will Run


  • This topic is locked This topic is locked
10 replies to this topic

#1 Khellendros

Khellendros

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Clemente, California
  • Local time:08:31 PM

Posted 16 March 2014 - 02:36 PM

I had a thread in a different subforum on this here and was requested to make one in this subforum. Of course, I am unable to complete any of the DDS logmaking steps requested when making a thread here. Can anyone help?



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 17 March 2014 - 07:21 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Khellendros

Khellendros
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Clemente, California
  • Local time:08:31 PM

Posted 17 March 2014 - 02:58 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jupiter (administrator) on JUPITER-PC on 17-03-2014 12:49:14
Running from C:\Users\Jupiter\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-29] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Microsoft Pinyin IME Migration] - C:\Program Files\Common Files\Microsoft Shared\IME12\IMESC\IMSCMIG.EXE [60264 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [EeeStorageBackup] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-26] (IDT, Inc.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM-x32\...\Run: [Microsoft Pinyin IME Migration] - C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [843776 2009-06-05] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SBAMTray] - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe [1348944 2010-08-20] (Sunbelt Software)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [273528 2011-10-31] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Jupiter\AppData\Local\Akamai\netsession_win.exe [3331872 2012-05-08] (Akamai Technologies, Inc)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\MountPoints2: {c9abc81a-f90d-11e0-bd55-485b3905c5d2} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\Users\Jupiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.77.116.3 192.77.116.72

FireFox:
========
FF ProfilePath: C:\Users\Jupiter\AppData\Roaming\Mozilla\Firefox\Profiles\5q8lw96a.default
FF user.js: detected! => C:\Users\Jupiter\AppData\Roaming\Mozilla\Firefox\Profiles\5q8lw96a.default\user.js
FF Homepage: google.com
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Jupiter\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-10-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Jupiter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-31]
CHR Extension: (Google Wallet) - C:\Users\Jupiter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-31]

==================== Services (Whitelisted) =================

S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-12-22] (Akamai Technologies, Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2010-04-25] ()
S2 SBAMSvc; C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2763080 2010-08-20] (Sunbelt Software)
S2 SBPIMSvc; C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [181584 2010-08-20] (Sunbelt Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-26] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-02] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [64600 2010-06-14] (Sunbelt Software)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [49752 2010-03-22] (Sunbelt Software)
R1 SBRE; C:\Windows\SysWOW64\drivers\SBREdrv.sys [98392 2010-05-13] (Sunbelt Software)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2010-07-27] (Sunbelt Software, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 12:49 - 2014-03-17 12:49 - 00016609 _____ () C:\Users\Jupiter\Desktop\FRST.txt
2014-03-17 12:48 - 2014-03-17 12:49 - 00000000 ____D () C:\FRST
2014-03-17 12:47 - 2014-03-17 12:47 - 02157056 _____ (Farbar) C:\Users\Jupiter\Desktop\FRST64.exe

==================== One Month Modified Files and Folders =======

2014-03-17 12:49 - 2014-03-17 12:49 - 00016609 _____ () C:\Users\Jupiter\Desktop\FRST.txt
2014-03-17 12:49 - 2014-03-17 12:48 - 00000000 ____D () C:\FRST
2014-03-17 12:48 - 2010-03-04 23:18 - 01920350 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 12:47 - 2014-03-17 12:47 - 02157056 _____ (Farbar) C:\Users\Jupiter\Desktop\FRST64.exe
2014-03-17 12:46 - 2013-12-23 00:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-17 12:46 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-17 12:46 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-17 12:45 - 2010-04-20 21:28 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E581199A-3FC1-4587-96BF-8F277958E6CC}
2014-03-17 12:43 - 2009-07-13 22:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-17 12:42 - 2012-06-04 10:38 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 12:41 - 2011-10-31 08:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 12:41 - 2011-10-31 08:47 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Some content of TEMP:
====================
C:\Users\Jupiter\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\detectionui_r.exe
C:\Users\Jupiter\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\local.dll
C:\Users\Jupiter\AppData\Local\Temp\lowproc.exe
C:\Users\Jupiter\AppData\Local\Temp\SCC.dll
C:\Users\Jupiter\AppData\Local\Temp\stubhelper.dll
C:\Users\Jupiter\AppData\Local\Temp\TmDbg64.dll
C:\Users\Jupiter\AppData\Local\Temp\uttBE42.tmp.exe
C:\Users\Jupiter\AppData\Local\Temp\uttE529.tmp.exe
C:\Users\Jupiter\AppData\Local\Temp\_is82D8.exe
C:\Users\Jupiter\AppData\Local\Temp\_isF70D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-05 19:10

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Jupiter at 2014-03-17 12:50:00
Running from C:\Users\Jupiter\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Sunbelt VIPRE (Disabled - Out of date) {BE5DD172-7F42-7948-1A60-E6A720288F81}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sunbelt VIPRE (Disabled - Out of date) {053C3096-5978-76C6-20D0-DDD55BAFC53C}

==================== Installed Programs ======================

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.4 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.4 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.10 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Illustrator CS5.1 (HKLM-x32\...\{23767F5D-A80C-4264-B8EA-ED4085FC332A}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Reader 9.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - )
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.8 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.27 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ATI Catalyst Install Manager (HKLM\...\{80AB4395-42E3-D0B3-A310-6F0A6BD9709B}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BitTorrent (HKLM-x32\...\BitTorrent) (Version:  - BitTorrent, Inc)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.1543.28169 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
ccc-utility64 (Version: 2009.1111.1543.28169 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.5 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3509a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3509a - CyberLink Corp.) Hidden
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.00.01 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON WorkForce 610 Series Printer Uninstall (HKLM\...\EPSON WorkForce 610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
FileZilla Client 3.5.2 (HKLM-x32\...\FileZilla Client) (Version: 3.5.2 - FileZilla Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0120-0409-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Arabic) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Simplified)) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Thai) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Turkish) 2007 (x32 Version: 12.0.4518.1027 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (HKLM-x32\...\{90120000-0019-040C-0000-0000000FF1CE}) (Version:  - )
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Thai) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Turkish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 12.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-US)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
VIPRE Antivirus (HKLM-x32\...\{F9D06C1D-EEB6-443A-B5BE-63CE1A5C1290}) (Version: 4.0.3904 - Sunbelt Software)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

23-12-2013 11:00:12 Windows Update
23-12-2013 11:27:05 Windows Modules Installer
06-01-2014 00:21:29 Windows Update
06-01-2014 00:51:34 Windows Update
19-01-2014 07:15:43 Windows Modules Installer
19-01-2014 07:23:51 Windows Update
17-03-2014 19:41:46 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-12-22 23:43 - 00450660 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {006450D5-AF3A-45E7-829D-E65634BEC2BD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {1062E31B-E744-41E5-A49A-CA74BE05E8CD} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {1C4C5FC5-2108-4A06-84BB-17A41B619816} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31] (Google Inc.)
Task: {385A829B-6FA6-421C-BB24-A37AD1AF170F} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {5024F1D4-CEE9-423D-8F7B-E2E81E52AD57} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31] (Google Inc.)
Task: {67216C71-1E40-4B39-826D-CD5E64B1F23A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3534801429-2847424189-3587982134-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {7A85526D-3B5E-450E-851E-7DF97C63A4BB} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-11-24] ()
Task: {8707B949-AA28-4EAE-8D19-E9105BCFBCA8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3534801429-2847424189-3587982134-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {AAB5FE46-B3A7-4FBF-935E-61E11A64F98A} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-04] ()
Task: {D197D777-01CD-42EC-8366-D0C9B09AFBFC} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-12-23] (ATK)
Task: {D974A655-F33F-4C30-865A-F57885B49BCF} - System32\Tasks\AdobeAAMUpdater-1.0-Jupiter-PC-Jupiter => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {EB3901D4-70F0-4E8E-8548-AC7CA356A486} - System32\Tasks\Net4Switch => C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 07:42 - 2010-01-02 07:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-05-17 23:10 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-12-23 14:12 - 2009-12-23 14:12 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2009-12-18 20:11 - 2009-12-18 20:11 - 00033280 _____ () C:\Program Files\P4G\OvrClk.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:15024E60

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 00:24:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Shared MUI (Spanish) 2007 - Update 'Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition ' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/19/2014 00:24:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Producto: Microsoft Office Shared MUI (Spanish) 2007 -- Error 1719. No se tiene acceso al servicio de Windows Installer. Esto puede suceder si Windows Installer no está correctamente instalado. Póngase en contacto con el personal de soporte técnico para obtener ayuda.

Error: (01/19/2014 00:24:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Outlook MUI (French) 2007 - Update 'Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/19/2014 00:24:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Produit : Microsoft Office Outlook MUI (French) 2007 -- Erreur 1719. Impossible d’accéder au service Windows Installer. Ceci peut se produire si le programme d’installation de Windows n’est pas bien installé. Contactez votre support technique pour assistance.

Error: (01/05/2014 06:29:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 05:52:07 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Windows Installer proxy information not correctly registered

Error: (01/05/2014 05:32:43 PM) (Source: MsiInstaller) (User: Jupiter-PC)
Description: Windows Installer proxy information not correctly registered


System errors:
=============
Error: (03/17/2014 00:48:04 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (03/17/2014 00:48:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2760415).

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Security Update for Microsoft Office 2007 suites (KB2687499).

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Update for Microsoft Office 2007 suites (KB2767849).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2890788).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Office Outlook 2007 (KB2687404).


Microsoft Office Sessions:
=========================
Error: (10/13/2011 02:43:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20536 seconds with 3660 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3948.55 MB
Available physical RAM: 2161.72 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 5956.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:23.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:325.74 GB) NTFS
Drive f: (PENDRIVE) (Removable) (Total:3.73 GB) (Free:2.02 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=335 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jupiter (administrator) on JUPITER-PC on 17-03-2014 12:49:14
Running from C:\Users\Jupiter\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-29] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Microsoft Pinyin IME Migration] - C:\Program Files\Common Files\Microsoft Shared\IME12\IMESC\IMSCMIG.EXE [60264 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [EeeStorageBackup] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-26] (IDT, Inc.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM-x32\...\Run: [Microsoft Pinyin IME Migration] - C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [843776 2009-06-05] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SBAMTray] - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe [1348944 2010-08-20] (Sunbelt Software)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [273528 2011-10-31] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Jupiter\AppData\Local\Akamai\netsession_win.exe [3331872 2012-05-08] (Akamai Technologies, Inc)
HKU\S-1-5-21-3534801429-2847424189-3587982134-1001\...\MountPoints2: {c9abc81a-f90d-11e0-bd55-485b3905c5d2} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\Users\Jupiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.77.116.3 192.77.116.72

FireFox:
========
FF ProfilePath: C:\Users\Jupiter\AppData\Roaming\Mozilla\Firefox\Profiles\5q8lw96a.default
FF user.js: detected! => C:\Users\Jupiter\AppData\Roaming\Mozilla\Firefox\Profiles\5q8lw96a.default\user.js
FF Homepage: google.com
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Jupiter\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-10-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Jupiter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-10-31]
CHR Extension: (Google Wallet) - C:\Users\Jupiter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-31]

==================== Services (Whitelisted) =================

S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-12-22] (Akamai Technologies, Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2010-04-25] ()
S2 SBAMSvc; C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2763080 2010-08-20] (Sunbelt Software)
S2 SBPIMSvc; C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [181584 2010-08-20] (Sunbelt Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-26] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-02] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [64600 2010-06-14] (Sunbelt Software)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [49752 2010-03-22] (Sunbelt Software)
R1 SBRE; C:\Windows\SysWOW64\drivers\SBREdrv.sys [98392 2010-05-13] (Sunbelt Software)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2010-07-27] (Sunbelt Software, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 12:49 - 2014-03-17 12:49 - 00016609 _____ () C:\Users\Jupiter\Desktop\FRST.txt
2014-03-17 12:48 - 2014-03-17 12:49 - 00000000 ____D () C:\FRST
2014-03-17 12:47 - 2014-03-17 12:47 - 02157056 _____ (Farbar) C:\Users\Jupiter\Desktop\FRST64.exe

==================== One Month Modified Files and Folders =======

2014-03-17 12:49 - 2014-03-17 12:49 - 00016609 _____ () C:\Users\Jupiter\Desktop\FRST.txt
2014-03-17 12:49 - 2014-03-17 12:48 - 00000000 ____D () C:\FRST
2014-03-17 12:48 - 2010-03-04 23:18 - 01920350 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 12:47 - 2014-03-17 12:47 - 02157056 _____ (Farbar) C:\Users\Jupiter\Desktop\FRST64.exe
2014-03-17 12:46 - 2013-12-23 00:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-17 12:46 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-17 12:46 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-17 12:45 - 2010-04-20 21:28 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E581199A-3FC1-4587-96BF-8F277958E6CC}
2014-03-17 12:43 - 2009-07-13 22:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-17 12:42 - 2012-06-04 10:38 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 12:41 - 2011-10-31 08:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 12:41 - 2011-10-31 08:47 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Some content of TEMP:
====================
C:\Users\Jupiter\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\detectionui_r.exe
C:\Users\Jupiter\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Jupiter\AppData\Local\Temp\local.dll
C:\Users\Jupiter\AppData\Local\Temp\lowproc.exe
C:\Users\Jupiter\AppData\Local\Temp\SCC.dll
C:\Users\Jupiter\AppData\Local\Temp\stubhelper.dll
C:\Users\Jupiter\AppData\Local\Temp\TmDbg64.dll
C:\Users\Jupiter\AppData\Local\Temp\uttBE42.tmp.exe
C:\Users\Jupiter\AppData\Local\Temp\uttE529.tmp.exe
C:\Users\Jupiter\AppData\Local\Temp\_is82D8.exe
C:\Users\Jupiter\AppData\Local\Temp\_isF70D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-05 19:10

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Jupiter at 2014-03-17 12:50:00
Running from C:\Users\Jupiter\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Sunbelt VIPRE (Disabled - Out of date) {BE5DD172-7F42-7948-1A60-E6A720288F81}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sunbelt VIPRE (Disabled - Out of date) {053C3096-5978-76C6-20D0-DDD55BAFC53C}

==================== Installed Programs ======================

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.4 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.4 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.10 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Illustrator CS5.1 (HKLM-x32\...\{23767F5D-A80C-4264-B8EA-ED4085FC332A}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Reader 9.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - )
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.8 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.27 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ATI Catalyst Install Manager (HKLM\...\{80AB4395-42E3-D0B3-A310-6F0A6BD9709B}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BitTorrent (HKLM-x32\...\BitTorrent) (Version:  - BitTorrent, Inc)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.1543.28169 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
ccc-utility64 (Version: 2009.1111.1543.28169 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.5 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3509a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3509a - CyberLink Corp.) Hidden
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.00.01 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON WorkForce 610 Series Printer Uninstall (HKLM\...\EPSON WorkForce 610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
FileZilla Client 3.5.2 (HKLM-x32\...\FileZilla Client) (Version: 3.5.2 - FileZilla Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0120-0409-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Arabic) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Simplified)) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Thai) 2007 (x32 Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Turkish) 2007 (x32 Version: 12.0.4518.1027 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (HKLM-x32\...\{90120000-0019-040C-0000-0000000FF1CE}) (Version:  - )
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Thai) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Turkish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Thai) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Turkish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 12.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-US)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
VIPRE Antivirus (HKLM-x32\...\{F9D06C1D-EEB6-443A-B5BE-63CE1A5C1290}) (Version: 4.0.3904 - Sunbelt Software)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

23-12-2013 11:00:12 Windows Update
23-12-2013 11:27:05 Windows Modules Installer
06-01-2014 00:21:29 Windows Update
06-01-2014 00:51:34 Windows Update
19-01-2014 07:15:43 Windows Modules Installer
19-01-2014 07:23:51 Windows Update
17-03-2014 19:41:46 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-12-22 23:43 - 00450660 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {006450D5-AF3A-45E7-829D-E65634BEC2BD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {1062E31B-E744-41E5-A49A-CA74BE05E8CD} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {1C4C5FC5-2108-4A06-84BB-17A41B619816} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31] (Google Inc.)
Task: {385A829B-6FA6-421C-BB24-A37AD1AF170F} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {5024F1D4-CEE9-423D-8F7B-E2E81E52AD57} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-31] (Google Inc.)
Task: {67216C71-1E40-4B39-826D-CD5E64B1F23A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3534801429-2847424189-3587982134-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {7A85526D-3B5E-450E-851E-7DF97C63A4BB} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-11-24] ()
Task: {8707B949-AA28-4EAE-8D19-E9105BCFBCA8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3534801429-2847424189-3587982134-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {AAB5FE46-B3A7-4FBF-935E-61E11A64F98A} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-04] ()
Task: {D197D777-01CD-42EC-8366-D0C9B09AFBFC} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-12-23] (ATK)
Task: {D974A655-F33F-4C30-865A-F57885B49BCF} - System32\Tasks\AdobeAAMUpdater-1.0-Jupiter-PC-Jupiter => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {EB3901D4-70F0-4E8E-8548-AC7CA356A486} - System32\Tasks\Net4Switch => C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 07:42 - 2010-01-02 07:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-05-17 23:10 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-12-23 14:12 - 2009-12-23 14:12 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2009-12-18 20:11 - 2009-12-18 20:11 - 00033280 _____ () C:\Program Files\P4G\OvrClk.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:15024E60

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 00:24:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Shared MUI (Spanish) 2007 - Update 'Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition ' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/19/2014 00:24:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Producto: Microsoft Office Shared MUI (Spanish) 2007 -- Error 1719. No se tiene acceso al servicio de Windows Installer. Esto puede suceder si Windows Installer no está correctamente instalado. Póngase en contacto con el personal de soporte técnico para obtener ayuda.

Error: (01/19/2014 00:24:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Outlook MUI (French) 2007 - Update 'Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/19/2014 00:24:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Produit : Microsoft Office Outlook MUI (French) 2007 -- Erreur 1719. Impossible d’accéder au service Windows Installer. Ceci peut se produire si le programme d’installation de Windows n’est pas bien installé. Contactez votre support technique pour assistance.

Error: (01/05/2014 06:29:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 06:28:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/05/2014 05:52:07 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Windows Installer proxy information not correctly registered

Error: (01/05/2014 05:32:43 PM) (Source: MsiInstaller) (User: Jupiter-PC)
Description: Windows Installer proxy information not correctly registered


System errors:
=============
Error: (03/17/2014 00:48:04 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (03/17/2014 00:48:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2760415).

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Security Update for Microsoft Office 2007 suites (KB2687499).

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (03/17/2014 00:46:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Update for Microsoft Office 2007 suites (KB2767849).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2890788).

Error: (03/17/2014 00:46:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Office Outlook 2007 (KB2687404).


Microsoft Office Sessions:
=========================
Error: (10/13/2011 02:43:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20536 seconds with 3660 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3948.55 MB
Available physical RAM: 2161.72 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 5956.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:23.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:325.74 GB) NTFS
Drive f: (PENDRIVE) (Removable) (Total:3.73 GB) (Free:2.02 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=335 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End Of Log ============================


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 17 March 2014 - 03:03 PM

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 Khellendros

Khellendros
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Clemente, California
  • Local time:08:31 PM

Posted 17 March 2014 - 04:11 PM

The disk check just finished. No change with the programs not running though.

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          3/17/2014 2:03:33 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Jupiter-PC
Description:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  217856 file records processed.                                         

File verification completed.
  801 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  44 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  287180 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  217856 file SDs/SIDs processed.                                        

Cleaning up 198 unused index entries from index $SII of file 0x9.
Cleaning up 198 unused index entries from index $SDH of file 0x9.
Cleaning up 198 unused security descriptors.
Security descriptor verification completed.
  34663 data files processed.                                           

CHKDSK is verifying Usn Journal...
  35717368 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc0000185 at offset 0x104009000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x104016000 for 0x1000 bytes.
Windows replaced bad clusters in file 28072
of name \Windows\INSTAL~1\3cb15.msp.
  217840 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  6286485 free clusters processed.                                        

Free space verification is complete.
Adding 1 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 122093999 KB total disk space.
  96498180 KB in 147675 files.
    125140 KB in 34664 indexes.
         4 KB in bad sectors.
    324731 KB in use by the system.
     65536 KB occupied by the log file.
  25145944 KB available on disk.

      4096 bytes in each allocation unit.
  30523499 total allocation units on disk.
   6286486 allocation units available on disk.

Internal Info:
00 53 03 00 4e c8 02 00 23 13 05 00 00 00 00 00  .S..N...#.......
5d 05 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ]...,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-17T21:03:33.000000000Z" />
    <EventRecordID>54853</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Jupiter-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  217856 file records processed.                                         

File verification completed.
  801 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  44 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  287180 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  217856 file SDs/SIDs processed.                                        

Cleaning up 198 unused index entries from index $SII of file 0x9.
Cleaning up 198 unused index entries from index $SDH of file 0x9.
Cleaning up 198 unused security descriptors.
Security descriptor verification completed.
  34663 data files processed.                                           

CHKDSK is verifying Usn Journal...
  35717368 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc0000185 at offset 0x104009000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x104016000 for 0x1000 bytes.
Windows replaced bad clusters in file 28072
of name \Windows\INSTAL~1\3cb15.msp.
  217840 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  6286485 free clusters processed.                                        

Free space verification is complete.
Adding 1 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 122093999 KB total disk space.
  96498180 KB in 147675 files.
    125140 KB in 34664 indexes.
         4 KB in bad sectors.
    324731 KB in use by the system.
     65536 KB occupied by the log file.
  25145944 KB available on disk.

      4096 bytes in each allocation unit.
  30523499 total allocation units on disk.
   6286486 allocation units available on disk.

Internal Info:
00 53 03 00 4e c8 02 00 23 13 05 00 00 00 00 00  .S..N...#.......
5d 05 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ]...,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>

Edited by Khellendros, 17 March 2014 - 04:11 PM.


#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 17 March 2014 - 04:26 PM


4 KB in bad sectors.

This hard disk has physical damage that may have corrupted system files.

I recommend to replace the hard disk immediately.


Edited by TB-Psychotic, 17 March 2014 - 04:27 PM.

Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 Khellendros

Khellendros
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Clemente, California
  • Local time:08:31 PM

Posted 18 March 2014 - 01:35 AM

I see. Well, we may do that later. For now, we mostly just want to get programs running again so we can export data and settings and that sort of thing to get it all off the laptop. Using the laptop much in the future isn't too much of a concern.



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 18 March 2014 - 03:54 AM

I strongly recommend NOT to do anything else on this disk now.

I would use a Live CD like Knoppix to boot from outside windows. These disks give you the tools to backup your files.

 

When done, replace the hard disk and reinstall windows.

 

It doesn´t make any sense to try to recover this operating system. Any further tries may harm your personal data.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 Khellendros

Khellendros
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Clemente, California
  • Local time:08:31 PM

Posted 18 March 2014 - 12:22 PM

Oh, I already copied off everything that I could without the programs running of course. There's nothing more still on it to lose that is accessible.

 

My sister actually got a new computer as a gift that she has been using since. There's just some exportable settings from apps and games still on here she said it would be nice to have. I suppose she can live without them if it's really impossible to fix this though. I just wanted to do something nice and get them for her, but it's not too important.



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 18 March 2014 - 03:36 PM

You have to tell me which settings you want to back up exactly. :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 23 March 2014 - 01:07 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users