Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to remove really stubborn Malware


  • This topic is locked This topic is locked
1 reply to this topic

#1 korovjov

korovjov

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 11 October 2014 - 05:04 AM

Hello, I have the same problem as another person (fespin5) who started a thread (Malware C:\ProgramData\Microsoft\Secure\Icons\temp), but there is no more activity in that thread, and I cannot treply in that thread.
 
The root problem seems to be connected with the path "C:\ProgramData\Microsoft\Secure\Icons\temp\"
 
Exe files keep getting detected with names like:
 
tmpAEA1.exe
tmpA660.exe
tmp1716.exe
tmp845E.exe
 
Also, a fake adobe flash player updater popup appeared asking for an adobe flashplayer update.
 
On system reboot, tha problem seems to be solved, Malwarebytes, AVG, Avast show that the system is clean, but then, the problem reoccurs. Recently, I cannot run my PC properly in safe mode (desktop icons do not show anymore). I've been trying a lot of things (Avast boot time scan, and several suggested programs) and I'm really desperate..
 
Any help would be highly appreciated. I ran the Farbar scan, with following results:
 
FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by korovjov (administrator) on KOROVJOV-PC on 11-10-2014 11:42:47
Running from C:\Users\korovjov\Downloads
Loaded Profile: korovjov (Available profiles: korovjov)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: magyar (Magyarország)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-
 
tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\D-Link\DWA-123\ALPBCSVC.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology
 
\IAStorDataMgrSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware
 
\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or 
 
removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-08] 
 
(Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-
 
11-05] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard
 
\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-
 
19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static
 
\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 11.0\Acrobat
 
\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 
 
2014-10-05] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1772277445-4011010567-3041638281-1000\...\Run: [Olrdics] => regsvr32.exe C:\Users
 
\korovjov\AppData\Local\Olrdics\webapp-uninstaller.dll <===== ATTENTION
HKU\S-1-5-21-1772277445-4011010567-3041638281-1000\...\MountPoints2: {4bdde1c0-6a93-11e0-9a2d-
 
6cf0497de6ed} - F:\Setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-
 
03-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program 
 
Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => 
 
C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:
 
\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:
 
\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:
 
\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:
 
\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored 
 
to default.)
 
URLSearchHook: HKCU - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG
 
\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files
 
\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST 
 
Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program 
 
Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program 
 
Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems 
 
Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files
 
\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:
 
\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe 
 
Systems Incorporated)
BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files 
 
(x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files 
 
(x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program 
 
Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files
 
\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID bejelentkezési segítség -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:
 
\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft 
 
Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:
 
\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files 
 
(x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program 
 
Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program 
 
Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:
 
\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe 
 
Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - 
 
C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} 
 
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG
 
\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG
 
\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files 
 
(x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 
 
Skype Recorder\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.2.46.1 84.2.44.1
Tcpip\..\Interfaces\{479859E5-A3B4-47C4-9FF9-74642A9BBC4D}: [NameServer] 
 
8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6C2C7714-871C-4A61-B44C-A05E8FF0A7B5}: [NameServer] 
 
8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8
 
.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{9C23154A-ABD7-41AB-AAEF-A6E714616AD0}: [NameServer] 
 
8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8
 
.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A6D15746-4853-429B-811F-88F20005E462}: [NameServer] 
 
8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8
 
.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E4C2E3F5-CECC-409A-AB8C-AC3E9C3AC6ED}: [NameServer] 
 
8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF ProfilePath: C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles\p5m7w0sb.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
 
&mid=07e53b2b54194e2992aac86854fa5551-
 
61eadd4d372409aca854c37bfd877771a0cf5a49&lang=hu&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-09 
 
11:53:30&v=3.2.0.15&pid=wtu&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight
 
\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL 
 
(Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM
 
\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash
 
\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files\iTunes\Mozilla Plugins
 
\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll 
 
(GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun 
 
Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll 
 
(Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight
 
\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:
 
\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:
 
\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live
 
\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live
 
\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update
 
\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update
 
\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll 
 
(Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll 
 
(Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp
 
\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\korovjov\AppData
 
\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF SearchPlugin: C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles\p5m7w0sb.default
 
\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-hu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sztaki-en-hu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vatera.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-
 
search.xml
FF Extension: AVG Web TuneUp - C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles
 
\p5m7w0sb.default\Extensions\avg@toolbar [2014-09-09]
FF Extension: German Dictionary - C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles
 
\p5m7w0sb.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-11]
FF Extension: British English Dictionary - C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox
 
\Profiles\p5m7w0sb.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-01-26]
FF Extension: Conduit Engine  - C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles
 
\p5m7w0sb.default\Extensions\engine@conduit.com [2011-05-02]
FF Extension: FoxLingo - C:\Users\korovjov\AppData\Roaming\Mozilla\Firefox\Profiles
 
\p5m7w0sb.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-11-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\korovjov\AppData\Roaming
 
\Mozilla\Firefox\Profiles\p5m7w0sb.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi 
 
[2012-11-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-
 
0000-0037-ABCDEFFEDCBA} [2014-10-07]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files 
 
(x86)\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2012-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files 
 
(x86)\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-05-
 
31]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files
 
\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser
 
\WCFirefoxExtn [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast
 
\WebRep\FF
FF Extension: avast! Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-
 
05]
 
Chrome: 
=======
CHR HomePage: Default -> 93D53730E36B5CEF5836D1519F9AE4F1D796D43CA02A499695B49A3216C6DC92
CHR Profile: C:\Users\korovjov\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Dokumentumok) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data
 
\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-03]
CHR Extension: (Google Drive) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-03]
CHR Extension: (YouTube) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-03]
CHR Extension: (OpenSubtitles Utilities) - C:\Users\korovjov\AppData\Local\Google\Chrome\User 
 
Data\Default\Extensions\bokkhpcjhfanbnpfgkjdcjfdfohdlbpf [2014-08-12]
CHR Extension: (Google-keresés) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data
 
\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-03]
CHR Extension: (BitTorrentBar) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\mhfdcmehmjcclgopdodkjdicohagipid [2013-08-03]
CHR Extension: (Google Pénztárca) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data
 
\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\korovjov\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-03]
CHR HKCU\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\korovjov\AppData
 
\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files\Adobe
 
\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST 
 
Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\korovjov
 
\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file 
 
will not be moved unless listed separately.)
 
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST 
 
Software)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG 
 
Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies 
 
CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] 
 
(BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-
 
12-20] (BlueStack Systems, Inc.)
R2 DWA-123_PBC_WPS; C:\Program Files (x86)\D-Link\DWA-123\ALPBCSVC.exe [61440 2010-08-16] () 
 
[File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 
 
[73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus
 
\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 
 
2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 
 
2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04
 
-25] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 
 
2014-01-09] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 
 
2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater
 
\3.2.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file 
 
will not be moved unless listed separately.)
 
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2013-10-30] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-05] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-05] ()
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG 
 
Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG 
 
Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, 
 
s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, 
 
s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, 
 
s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, 
 
s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, 
 
s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] 
 
(BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-17] (DT Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [28672 2007-03-20] (http://libusb-
 
win32.sourceforge.net) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-05] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-11] (Malwarebytes 
 
Corporation)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1534304 2010-11-09] (Ralink Technology 
 
Corp.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S2 zntport; C:\Windows\SysWOW64\zntport.sys [6080 2001-01-22] (Zeal SoftStudio) [File not signed]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file 
 
could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-11 11:42 - 2014-10-11 11:43 - 00024947 _____ () C:\Users\korovjov\Downloads\FRST.txt
2014-10-11 11:42 - 2014-10-11 11:42 - 00000000 ____D () C:\FRST
2014-10-11 11:41 - 2014-10-11 11:41 - 02109952 _____ (Farbar) C:\Users\korovjov\Downloads
 
\FRST64.exe
2014-10-07 09:19 - 2014-10-07 09:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-05 19:02 - 2014-10-05 19:02 - 00001174 _____ () C:\Users\korovjov\Desktop\nothreats.txt
2014-10-05 16:14 - 2014-10-05 16:14 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\AVAST 
 
Software
2014-10-05 16:10 - 2014-10-05 16:10 - 00001026 _____ () C:\Users\Public\Desktop\avast! Free 
 
Antivirus.lnk
2014-10-05 16:10 - 2014-10-05 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Avast
2014-10-05 16:09 - 2014-10-11 10:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
 
Emergency Update
2014-10-05 16:08 - 2014-10-05 16:09 - 00427360 _____ (AVAST Software) C:\Windows
 
\system32\Drivers\aswsp.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 01041168 _____ (AVAST Software) C:\Windows
 
\system32\Drivers\aswSnx.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00307344 _____ (AVAST Software) C:\Windows
 
\system32\aswBoot.exe
2014-10-05 16:08 - 2014-10-05 16:08 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00093568 _____ (AVAST Software) C:\Windows
 
\system32\Drivers\aswRdr2.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00092008 _____ (AVAST Software) C:\Windows
 
\system32\Drivers\aswStm.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00079184 _____ (AVAST Software) C:\Windows
 
\system32\Drivers\aswMonFlt.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-05 16:08 - 2014-10-05 16:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-05 16:08 - 2014-10-05 16:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-05 16:05 - 2014-10-05 16:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-05 16:04 - 2014-10-05 16:04 - 04862664 _____ (AVAST Software) C:\Users\korovjov
 
\Downloads\avast_free_antivirus_setup_online.exe
2014-10-05 15:59 - 2014-10-05 15:59 - 00854436 _____ () C:\Users\korovjov\Downloads
 
\SecurityCheck.exe
2014-10-05 14:43 - 2014-10-05 14:43 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-05 13:28 - 2014-10-05 13:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\korovjov
 
\Desktop\tdsskiller.exe
2014-10-05 00:57 - 2014-10-05 00:57 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\korovjov
 
\Downloads\rkill.exe
2014-10-05 00:57 - 2014-10-05 00:57 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\korovjov
 
\Downloads\rkill (1).exe
2014-10-04 10:53 - 2014-10-04 10:54 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Toyzamni
2014-10-02 10:23 - 2014-10-02 10:23 - 00053248 _____ () C:\Users\korovjov\Downloads
 
\Iskolapszihológusok volt eszközei.xls
2014-10-02 09:37 - 2014-10-02 09:37 - 00000359 _____ () C:\Users\korovjov\Desktop\Számítógép 
 
parancsikonja.lnk
2014-10-01 21:51 - 2013-04-01 23:12 - 00178176 _____ (Xerox Corporation) C:\Windows
 
\system32\xrhkbzil.dll
2014-10-01 21:36 - 2014-10-01 21:36 - 00038400 _____ () C:\Users\korovjov\Downloads
 
\Jelenléti_ív_Horváth_Julia_2014szeptember (1).xls
2014-10-01 21:28 - 2014-10-01 21:28 - 00038400 _____ () C:\Users\korovjov\Downloads
 
\Jelenléti_ív_Horváth_Julia_2014szeptember.xls
2014-10-01 14:28 - 2014-10-01 21:24 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Zaexdeel
2014-09-30 22:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows
 
\system32\qdvd.dll
2014-09-30 22:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\qdvd.dll
2014-09-29 21:00 - 2014-09-29 21:00 - 00038400 _____ () C:\Users\korovjov\Desktop
 
\munkaido_johnbalazs.xls
2014-09-29 15:23 - 2014-09-29 21:21 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-09-29 14:04 - 2014-09-29 14:04 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\Faritou
2014-09-25 11:53 - 2014-09-25 11:53 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 20:31 - 2014-09-25 09:38 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\Cilyyv
2014-09-23 23:44 - 2014-09-23 23:44 - 00274592 _____ () C:\Windows\Minidump\092314-38563-01.dmp
2014-09-23 22:40 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows
 
\system32\tzres.dll
2014-09-23 22:40 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\tzres.dll
2014-09-21 18:27 - 2014-09-21 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Security Task Manager
2014-09-21 18:26 - 2014-09-21 18:26 - 02365840 _____ () C:\Users\korovjov\Downloads
 
\SecurityTaskManager_Setup.exe
2014-09-21 18:01 - 2014-10-07 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware 
 
(portable)
2014-09-21 18:00 - 2014-10-09 22:06 - 00000000 ____D () C:\Users\korovjov\Desktop\mbar
2014-09-21 18:00 - 2014-09-21 18:00 - 14349744 _____ (Malwarebytes Corp.) C:\Users\korovjov
 
\Downloads\mbar-1.07.0.1012 (1).exe
2014-09-21 17:58 - 2014-09-21 17:58 - 14349744 _____ (Malwarebytes Corp.) C:\Users\korovjov
 
\Downloads\mbar-1.07.0.1012.exe
2014-09-20 16:49 - 2014-09-20 16:49 - 00106716 _____ () C:\Users\korovjov\Downloads
 
\Attachments_2014920.zip
2014-09-20 15:23 - 2014-09-20 15:23 - 00000000 ____D () C:\Windows\pss
2014-09-20 12:25 - 2014-09-21 18:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-20 12:25 - 2014-09-20 12:28 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & 
 
Destroy 2
2014-09-20 12:25 - 2014-09-20 12:25 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-20 12:25 - 2014-09-20 12:25 - 00000656 _____ () C:\Windows\Tasks\Check for updates 
 
(Spybot - Search & Destroy).job
2014-09-20 12:25 - 2014-09-20 12:25 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization 
 
(Spybot - Search & Destroy).job
2014-09-20 12:25 - 2014-09-20 12:25 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot 
 
- Search & Destroy).job
2014-09-20 12:25 - 2014-09-20 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Spybot - Search & Destroy 2
2014-09-20 12:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows
 
\system32\sdnclean64.exe
2014-09-20 12:23 - 2014-09-20 12:23 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\LavasoftStatistics
2014-09-20 12:23 - 2014-09-20 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Lavasoft
2014-09-20 12:22 - 2014-09-20 12:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\korovjov
 
\Downloads\spybot-2.4.exe
2014-09-20 12:22 - 2014-09-20 12:22 - 00000000 ____D () C:\Program Files\Lavasoft
2014-09-20 12:20 - 2014-09-20 12:20 - 02806920 _____ () C:\Users\korovjov\Downloads
 
\Adaware_Installer.exe
2014-09-20 12:20 - 2014-09-20 12:20 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-09-20 12:20 - 2014-09-20 12:20 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-20 12:08 - 2014-09-20 12:17 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\Wise 
 
Registry Cleaner
2014-09-20 12:08 - 2014-09-20 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Wise Registry Cleaner
2014-09-20 12:06 - 2014-09-20 12:06 - 02254336 _____ (WiseCleaner.com ) C:\Users\korovjov
 
\Downloads\WRCFree.exe
2014-09-20 10:51 - 2014-09-20 10:51 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-09-20 10:51 - 2014-09-20 10:51 - 00000000 ____D () C:\sh4ldr
2014-09-20 10:51 - 2014-09-20 10:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-20 10:51 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers
 
\EsgScanner.sys
2014-09-20 10:50 - 2014-09-20 10:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users
 
\korovjov\Downloads\SpyHunter-Installer (1).exe
2014-09-20 10:47 - 2014-09-20 10:47 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users
 
\korovjov\Downloads\SpyHunter-Installer.exe
2014-09-20 10:46 - 2014-09-20 10:47 - 06808688 _____ (ParetoLogic, Inc.) C:\Users\korovjov
 
\Downloads\RegCureProSetup.exe
2014-09-20 10:46 - 2014-09-20 10:46 - 00001205 _____ () C:\Users\korovjov\Downloads\FixNCR.reg
2014-09-20 09:41 - 2014-09-20 09:41 - 00270352 _____ () C:\Windows\Minidump\092014-21808-01.dmp
2014-09-20 09:31 - 2014-09-20 09:31 - 01805736 _____ (Symantec Corporation) C:\Users\korovjov
 
\Downloads\FixZeroAccess (1).exe
2014-09-20 09:25 - 2014-09-20 09:25 - 01805736 _____ (Symantec Corporation) C:\Users\korovjov
 
\Downloads\FixZeroAccess.exe
2014-09-20 09:25 - 2014-09-20 09:25 - 00027256 _____ (Symantec Corporation) C:\Windows
 
\system32\Drivers\FixZeroAccess.sys
2014-09-20 08:24 - 2014-09-20 08:40 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Ishaewga
2014-09-20 08:24 - 2014-09-20 08:24 - 00003840 _____ () C:\Windows\System32\Tasks\Security Center 
 
Update - 1760769643
2014-09-19 19:15 - 2014-09-19 21:34 - 00008867 _____ () C:\Windows\system32\avgrep.txt
2014-09-18 07:49 - 2014-10-04 11:00 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-09-17 13:14 - 2014-10-11 10:33 - 00000000 ____D () C:\Users\korovjov\Desktop\Virus
2014-09-15 11:39 - 2014-09-17 13:50 - 00000617 _____ () C:\Users\korovjov\Desktop\Új szöveges 
 
dokumentum.txt
2014-09-13 20:46 - 2014-09-13 20:46 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-09-13 20:45 - 2014-09-13 20:45 - 01898640 _____ (Irfan Skiljan) C:\Users\korovjov\Downloads
 
\iview438_setup.exe
2014-09-13 11:22 - 2014-09-13 11:22 - 01290240 _____ () C:\Users\korovjov\Downloads
 
\Kovács_T_Szakdolgozat_1..ppt
2014-09-13 11:22 - 2014-09-13 11:22 - 01042432 _____ () C:\Users\korovjov\Downloads
 
\Kovács_T_Szakdolgozat_2..ppt
2014-09-13 03:02 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows
 
\system32\msmpeg2vdec.dll
2014-09-13 03:02 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\msmpeg2vdec.dll
2014-09-11 12:25 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows
 
\system32\iedkcs32.dll
2014-09-11 12:25 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\iedkcs32.dll
2014-09-11 12:25 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows
 
\system32\mshtml.dll
2014-09-11 12:25 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows
 
\system32\mshtml.tlb
2014-09-11 12:25 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieetwcollectorres.dll
2014-09-11 12:25 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\mshtml.dll
2014-09-11 12:25 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows
 
\system32\iertutil.dll
2014-09-11 12:25 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows
 
\system32\jscript9.dll
2014-09-11 12:25 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows
 
\system32\vbscript.dll
2014-09-11 12:25 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows
 
\system32\iesetup.dll
2014-09-11 12:25 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows
 
\system32\MshtmlDac.dll
2014-09-11 12:25 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieetwproxystub.dll
2014-09-11 12:25 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\jscript9.dll
2014-09-11 12:25 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows
 
\system32\jsproxy.dll
2014-09-11 12:25 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows
 
\system32\iernonce.dll
2014-09-11 12:25 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieui.dll
2014-09-11 12:25 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows
 
\system32\jscript9diag.dll
2014-09-11 12:25 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieUnatt.exe
2014-09-11 12:25 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieetwcollector.exe
2014-09-11 12:25 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\mshtml.tlb
2014-09-11 12:25 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows
 
\system32\MsSpellCheckingFacility.exe
2014-09-11 12:25 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows
 
\system32\dxtmsft.dll
2014-09-11 12:25 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\vbscript.dll
2014-09-11 12:25 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2014-09-11 12:25 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\iesetup.dll
2014-09-11 12:25 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\MshtmlDac.dll
2014-09-11 12:25 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\ieetwproxystub.dll
2014-09-11 12:25 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\iertutil.dll
2014-09-11 12:25 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows
 
\system32\msrating.dll
2014-09-11 12:25 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows
 
\system32\mshtmled.dll
2014-09-11 12:25 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\jsproxy.dll
2014-09-11 12:25 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\iernonce.dll
2014-09-11 12:25 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows
 
\system32\dxtrans.dll
2014-09-11 12:25 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\ieui.dll
2014-09-11 12:25 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\ieUnatt.exe
2014-09-11 12:25 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\jscript9diag.dll
2014-09-11 12:25 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\dxtmsft.dll
2014-09-11 12:25 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows
 
\system32\msfeeds.dll
2014-09-11 12:25 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows
 
\system32\ie4uinit.exe
2014-09-11 12:25 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows
 
\system32\inetcpl.cpl
2014-09-11 12:25 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows
 
\system32\mshtmlmedia.dll
2014-09-11 12:25 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 12:25 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\msrating.dll
2014-09-11 12:25 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\dxtrans.dll
2014-09-11 12:25 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\mshtmled.dll
2014-09-11 12:25 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieframe.dll
2014-09-11 12:25 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\ieframe.dll
2014-09-11 12:25 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows
 
\system32\wininet.dll
2014-09-11 12:25 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\msfeeds.dll
2014-09-11 12:25 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\inetcpl.cpl
2014-09-11 12:25 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\mshtmlmedia.dll
2014-09-11 12:25 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows
 
\system32\urlmon.dll
2014-09-11 12:25 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\wininet.dll
2014-09-11 12:25 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\urlmon.dll
2014-09-11 12:25 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows
 
\system32\ieapfltr.dll
2014-09-11 12:25 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\ieapfltr.dll
2014-09-11 08:01 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows
 
\system32\TSWorkspace.dll
2014-09-11 08:01 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\TSWorkspace.dll
2014-09-11 08:01 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows
 
\system32\lsasrv.dll
2014-09-11 08:01 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows
 
\system32\kerberos.dll
2014-09-11 08:01 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\kerberos.dll
2014-09-11 08:01 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\secur32.dll
2014-09-11 08:01 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\sspicli.dll
2014-09-11 08:01 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows
 
\system32\d3d10warp.dll
2014-09-11 08:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\d3d10warp.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-11 11:41 - 2013-08-03 00:15 - 00001032 _____ () C:\Windows\Tasks
 
\GoogleUpdateTaskMachineUA.job
2014-10-11 11:41 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-
 
B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:41 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-
 
B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:09 - 2014-08-04 23:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows
 
\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 11:07 - 2013-07-28 14:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player 
 
Updater.job
2014-10-11 10:52 - 2012-02-18 04:48 - 00000000 ____D () C:\ProgramData\AVG2012
2014-10-11 10:38 - 2012-01-01 02:35 - 00001090 _____ () C:\Windows\Tasks
 
\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000UA.job
2014-10-11 10:33 - 2014-09-09 11:43 - 00000000 ____D () C:\Users\korovjov\AppData\Local\YtjcPack
2014-10-11 10:29 - 2014-09-09 11:43 - 00000000 ____D () C:\Users\korovjov\AppData\Local\Olrdics
2014-10-11 10:29 - 2011-04-19 13:00 - 02069716 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 10:23 - 2011-04-27 09:40 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-10-11 10:19 - 2013-08-03 00:15 - 00001028 _____ () C:\Windows\Tasks
 
\GoogleUpdateTaskMachineCore.job
2014-10-11 10:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 10:19 - 2009-07-14 06:51 - 00178310 _____ () C:\Windows\setupact.log
2014-10-10 07:32 - 2012-02-12 23:30 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\vlc
2014-10-08 23:01 - 2012-01-01 02:35 - 00001068 _____ () C:\Windows\Tasks
 
\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000Core.job
2014-10-08 01:21 - 2011-04-20 18:40 - 00529216 _____ () C:\Windows\PFRO.log
2014-10-07 20:31 - 2014-08-04 23:34 - 00092888 _____ (Malwarebytes Corporation) C:\Windows
 
\system32\Drivers\mbamchameleon.sys
2014-10-07 20:26 - 2012-05-06 00:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla 
 
Maintenance Service
2014-10-07 20:26 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-10-07 09:30 - 2012-02-12 23:30 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\dvdcss
2014-10-05 13:29 - 2009-07-14 14:46 - 04323810 _____ () C:\Windows\system32\perfh00E.dat
2014-10-05 13:29 - 2009-07-14 14:46 - 01409288 _____ () C:\Windows\system32\perfc00E.dat
2014-10-05 13:29 - 2009-07-14 07:13 - 00006658 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 12:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-29 16:22 - 2011-04-26 12:40 - 00001676 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\William Hill Poker.lnk
2014-09-28 03:10 - 2013-07-28 14:04 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash 
 
Player Updater
2014-09-28 03:09 - 2013-03-21 11:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows
 
\SysWOW64\FlashPlayerApp.exe
2014-09-28 03:09 - 2011-11-30 23:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows
 
\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 03:07 - 2014-09-10 20:35 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows
 
\SysWOW64\FlashPlayerInstaller.exe
2014-09-25 10:48 - 2014-07-29 15:47 - 00000000 ____D () C:\Users\korovjov\Desktop\APPZ
2014-09-25 10:48 - 2012-04-22 00:07 - 00000000 ___RD () C:\Users\korovjov\Dropbox
2014-09-25 10:43 - 2012-04-21 15:21 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming\Dropbox
2014-09-25 09:46 - 2013-08-03 00:16 - 00002173 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 03:22 - 2012-04-21 15:22 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-23 23:44 - 2011-05-03 11:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-23 23:43 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-22 14:54 - 2009-07-14 15:13 - 00000000 ____D () C:\Windows\ShellNew
2014-09-22 13:59 - 2011-04-19 15:52 - 00000000 ____D () C:\Windows\RaidTool
2014-09-21 16:18 - 2009-07-14 07:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-21 11:11 - 2011-10-01 08:39 - 00000132 _____ () C:\Users\korovjov\AppData\Roaming\Adobe 
 
PNG Format CS5 Prefs
2014-09-21 04:23 - 2011-04-30 18:52 - 00000000 ____D () C:\Users\korovjov\AppData\Local
 
\CountAnything
2014-09-20 16:56 - 2011-04-19 20:42 - 00000000 ____D () C:\Users\korovjov\AppData\Local\Adobe
2014-09-19 22:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-09-18 22:03 - 2011-09-24 13:20 - 00000000 ____D () C:\Users\korovjov\Documents\Outlook Files
2014-09-18 20:09 - 2011-04-20 19:46 - 00000000 ____D () C:\Users\korovjov\AppData\Roaming
 
\BitTorrent
2014-09-17 21:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-17 08:09 - 2014-06-28 17:28 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-09-17 08:09 - 2014-06-28 17:28 - 00001883 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Adobe FormsCentral.lnk
2014-09-17 08:09 - 2014-06-28 17:28 - 00001760 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-09-16 20:23 - 2013-01-14 11:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start 
 
Menu\Programs\Adobe Reader XI.lnk
2014-09-14 09:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-09-13 21:05 - 2012-03-05 22:54 - 00000132 _____ () C:\Users\korovjov\AppData\Roaming\Adobe 
 
GIF Format CS5 Prefs
2014-09-13 14:19 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-09-11 12:25 - 2011-04-21 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
 
Some content of TEMP:
====================
C:\Users\korovjov\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-
 
3e3e7ecf0d81}.tmp63k6n9.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-06 03:08
 
==================== End Of Log ============================
 
 
ADDITION:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by korovjov at 2014-10-11 11:43:52
Running from C:\Users\korovjov\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.8 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Cégnév) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{853A4763-6643-4604-8D64-28BDD8925F4C}) (Version: 1.5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F473675-D702-45F9-8EBC-342B40C17BF5}) (Version: 3.4.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.4031 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.15 - AVG Technologies)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
Botanicula (HKLM-x32\...\Botanicula_is1) (Version:  - GOG.com)
Broken Sword 2.5 (HKLM-x32\...\Broken Sword 2.5_is1) (Version:  - mindFactory)
Broken Sword 5 (HKLM-x32\...\Steam App 262940) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CountAnything (HKLM-x32\...\CountAnything_is1) (Version: 2.1 - Ginstrom IT Solutions (GITS))
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dear Esther (HKLM-x32\...\Dear Esther_is1) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
D-Link DWA-123 (HKLM-x32\...\{987A57F4-1190-4E40-ACDC-6FE2648EAF15}) (Version: 1.00.0000 - D-Link Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{42C509F1-C451-11E1-AEC9-F04DA23A5C58}) (Version: 5.0.161 - Sony)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free PDF To Word Converter 1.6 (HKLM-x32\...\Free PDF To Word Converter_is1) (Version: 1.6 - )
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.0.320 - DVDVideoSoft Ltd.)
Garmin Communicator Plugin (HKLM-x32\...\{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}) (Version: 2.9.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GenoPro 2.5.3.9 (HKLM-x32\...\GenoPro) (Version:  - GenoPro Inc.)
Gigabyte Raid Cinfigurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{18155797-EF2E-4699-9A16-FE787C4C10DB}) (Version: 10.2.2.14 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.7.2 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Kentucky Route Zero Act I (HKLM-x32\...\Kentucky Act I) (Version: 3.5.6.44817 - Cardboard Computer)
Kentucky Route Zero Act III (HKLM-x32\...\{9A99DB29-F374-4D7C-99B6-D77877031667}_is1) (Version: 4.3.1 - Cardboard Computer)
K-Lite Codec Pack 7.1.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes Anti-Malware 2.0.2.1012 verzió (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HUN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0.3 (x86 hu) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 hu)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nihilumbra (HKLM-x32\...\Nihilumbra_is1) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
R for Windows 2.15.2 (HKLM\...\R for Windows 2.15.2_is1) (Version: 2.15.2 - R Core Team)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5998 - Realtek Semiconductor Corp.)
Rocket French v2.0 (HKLM-x32\...\Rocket French_is1) (Version:  - Libros Media Ltd)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.4.0 (HKLM-x32\...\SopCast) (Version: 3.4.0 - www.sopcast.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPSS Statistics 17.0 (HKLM-x32\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stop Motion Pro v4 (HKLM-x32\...\Stop Motion Pro v4_is1) (Version:  - Stop Motion Pro)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.81.101301 - SugarSync, Inc.)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
William Hill Poker (HKLM-x32\...\William Hill Poker) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wise Registry Cleaner 7.54 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version:  - WiseCleaner.com, Inc.)
Xvid 1.1.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
Youtube Downloader HD v. 2.9.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1772277445-4011010567-3041638281-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\korovjov\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2011-04-20 20:49 - 2014-10-04 11:00 - 00001397 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
158.58.173.195 www.google-analytics.com.
158.58.173.195 google-analytics.com.
158.58.173.195 connect.facebook.net.
212.47.195.163 www.google-analytics.com.
212.47.195.163 google-analytics.com.
212.47.195.163 connect.facebook.net.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0A005059-9970-4BFC-946E-8AD72EB2BFBD} - System32\Tasks\{56A85283-B476-4CA7-BDAE-2B90910F3CCE} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.111&amp;LastError=2
Task: {19DD06E0-E779-4D80-B07A-B47D58E7A709} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000Core => C:\Users\korovjov\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {2C6E8114-D282-4093-8AF7-329A18F73AB5} - System32\Tasks\{D79D32E0-17AF-4691-8D22-E514FAE7C6A4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {422A8789-F3B1-44F4-8D96-342845DE451E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-03] (Google Inc.)
Task: {5B619890-EB2C-4144-95B1-2730A3DBBDBE} - System32\Tasks\Security Center Update - 1760769643 => C:\Users\korovjov\AppData\Roaming\Ishaewga\riell.exe <==== ATTENTION
Task: {80C5DC83-9113-4266-A78F-BFC47920E1FB} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {A06A8162-4222-4610-AE66-8C328ECA0121} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-28] (Adobe Systems Incorporated)
Task: {B1B7F990-6C71-42F3-96E1-35585C1E9701} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-05] (AVAST Software)
Task: {B9370A37-DBDD-493E-84B3-8715D9880E2D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000UA => C:\Users\korovjov\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {E1C146DF-C799-4EA7-B7E5-7797C1D44E45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000Core.job => C:\Users\korovjov\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772277445-4011010567-3041638281-1000UA.job => C:\Users\korovjov\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-09 11:43 - 2014-09-09 11:43 - 03140096 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-09 11:43 - 2014-09-09 11:43 - 02498560 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02745168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2011-04-27 09:40 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-10-30 23:31 - 2010-08-16 00:51 - 00061440 _____ () C:\Program Files (x86)\D-Link\DWA-123\ALPBCSVC.exe
2014-08-27 12:32 - 2014-08-27 12:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2014-10-05 16:08 - 2014-10-05 16:08 - 00301152 _____ () D:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-09 20:48 - 2014-10-09 20:48 - 02859008 _____ () D:\Program Files\AVAST Software\Avast\defs\14100901\algo.dll
2014-10-11 10:23 - 2014-10-11 10:23 - 02873856 _____ () D:\Program Files\AVAST Software\Avast\defs\14101100\algo.dll
2013-10-30 23:33 - 2013-10-30 23:33 - 00073728 _____ () C:\Program Files (x86)\D-Link\DWA-123\ANPDApi.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () D:\Program Files\Adobe\Acrobat 11.0\Acrobat\locale\hu_hu\acrotray.hun
2014-10-05 16:08 - 2014-10-05 16:08 - 19329904 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-20 12:25 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-20 12:25 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-20 12:25 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2011-04-19 15:52 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-20 12:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-20 12:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-25 09:46 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 09:46 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 09:46 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 09:46 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 09:46 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 09:46 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:689AB7E9
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79809006.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84502521.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79809006.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84502521.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^at.lnk => C:\Windows\pss\at.lnk.Startup
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^label.lnk => C:\Windows\pss\label.lnk.Startup
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^poqexec.lnk => C:\Windows\pss\poqexec.lnk.Startup
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^rasdial.lnk => C:\Windows\pss\rasdial.lnk.Startup
MSCONFIG\startupfolder: C:^Users^korovjov^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^regini.lnk => C:\Windows\pss\regini.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\korovjov\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoldWord => D:\Program Files\GoldWord\gw.exe s
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
========================= Accounts: ==========================
 
ASPNET (S-1-5-21-1772277445-4011010567-3041638281-1002 - Limited - Enabled)
korovjov (S-1-5-21-1772277445-4011010567-3041638281-1000 - Administrator - Enabled) => C:\Users\korovjov
Rendszergazda (S-1-5-21-1772277445-4011010567-3041638281-500 - Administrator - Disabled)
Vendég (S-1-5-21-1772277445-4011010567-3041638281-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/11/2014 10:20:24 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/10/2014 07:01:05 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/10/2014 04:48:03 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 08:45:28 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 09:20:03 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 05:35:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/08/2014 01:53:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Aktiválási környezet létrehozása sikertelen a következőhöz: "assemblyIdentity1". Hiba a(z) "assemblyIdentity2" jegyzék- vagy házirendfájl assemblyIdentity3. sorában.
A(z) "x64" érték (attribútum: "processorArchitecture", elem: "assemblyIdentity") érvénytelen.
 
Error: (10/08/2014 01:22:31 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/07/2014 10:04:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: A(z) mbam.exe program (verzió: 1.0.0.532) kommunikációja a Windows rendszerrel megszakadt, ezért a program leállt. A hibával kapcsolatos további információkért ellenőrizze a probléma előzményeit a Műveletközpont vezérlőpulton.
 
Folyamatazonosító: 1148
 
Kezdés: 01cfe25c98fe36a0
 
Befejezés: 2
 
Alkalmazás elérési útja: D:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware\mbam.exe
 
Jelentés azonosítója: 129314a6-4e5d-11e4-a03f-6cf0497de6ed
 
Error: (10/07/2014 08:28:00 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
System errors:
=============
Error: (10/11/2014 10:20:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: A szolgáltatás (BlueStacks Android Service) leállt a következő hibával: 
%%1064
 
Error: (10/11/2014 10:20:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (NTPort Library Driver) a következő hiba következtében leállt: 
%%2
 
Error: (10/11/2014 10:20:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (vToolbarUpdater3.2.0) a következő hiba következtében leállt: 
%%2
 
Error: (10/11/2014 10:19:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (Spybot-S&D 2 Scanner Service) a következő hiba következtében leállt: 
%%1053
 
Error: (10/11/2014 10:19:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Letelt egy időkorlát (30000 ms) a(z) Spybot-S&D 2 Scanner Service szolgáltatás kapcsolódására való várakozás közben.
 
Error: (10/11/2014 10:19:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (JMB36X) a következő hiba következtében leállt: 
%%2
 
Error: (10/10/2014 07:01:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: A szolgáltatás (BlueStacks Android Service) leállt a következő hibával: 
%%1064
 
Error: (10/10/2014 07:01:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (NTPort Library Driver) a következő hiba következtében leállt: 
%%2
 
Error: (10/10/2014 07:00:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (vToolbarUpdater3.2.0) a következő hiba következtében leállt: 
%%2
 
Error: (10/10/2014 07:00:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: A szolgáltatás (Spybot-S&D 2 Scanner Service) a következő hiba következtében leállt: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/11/2014 10:20:24 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/10/2014 07:01:05 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/10/2014 04:48:03 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 08:45:28 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 09:20:03 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/09/2014 05:35:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/08/2014 01:53:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityprocessorArchitecturex64c:\program files\R\r-2.15.2\Tcl\bin64\tk85.dllc:\program files\R\r-2.15.2\Tcl\bin64\tk85.dll9
 
Error: (10/08/2014 01:22:31 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (10/07/2014 10:04:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532114801cfe25c98fe36a02D:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware\mbam.exe129314a6-4e5d-11e4-a03f-6cf0497de6ed
 
Error: (10/07/2014 08:28:00 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: A szolgáltatás nem indítható el. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   a következő helyen: BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   a következő helyen: System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-05 11:06:24.100
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:23.999
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:23.887
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:23.787
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:06.219
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:06.119
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:06.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:06:05.904
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:05:39.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-05 11:05:39.699
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 77%
Total physical RAM: 4091.49 MB
Available physical RAM: 921.99 MB
Total Pagefile: 8181.16 MB
Available Pagefile: 3567.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:100 GB) (Free:4.4 GB) NTFS
Drive d: () (Fixed) (Total:1297.17 GB) (Free:551.67 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: E54A091F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1297.2 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 


BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:22 PM

Posted 12 October 2014 - 05:27 PM

Since you are receiving help from seedy21 here I am closing this topic to avoid confusion.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users