Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Check up.


  • This topic is locked This topic is locked
24 replies to this topic

#1 ComputerEngineer

ComputerEngineer

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 07 October 2014 - 09:11 PM

Hello,

 

I was directed here to check my laptop for malware.

 

 

OTL logfile created on: 10/8/2014 2:07:01 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MAGMAM\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: Australia | Language: EN | Date Format: dd/MM/yyyy
 
2.94 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.70% Memory free
7.32 Gb Paging File | 2.70 Gb Available in Paging File | 36.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275.89 Gb Total Space | 13.57 Gb Free Space | 4.92% Space Free | Partition Type: NTFS
Drive D: | 16.90 Gb Total Space | 0.10 Gb Free Space | 0.61% Space Free | Partition Type: NTFS
Drive E: | 5.00 Gb Total Space | 0.18 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive G: | 1.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 0.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 300.00 Mb Total Space | 258.79 Mb Free Space | 86.27% Space Free | Partition Type: NTFS
Drive J: | 9.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 7.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 6.81 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive M: | 5.66 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: MAGMAM-PC | User Name: MAGMAM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe (Ginger Software)
PRC - C:\Program Files\Ginger\GingerServices\GingerServices.exe (Ginger Software)
PRC - C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
PRC - C:\Program Files\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\osk.exe (Microsoft Corporation)
PRC - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hotspot Shield\bin\HSSCP.exe (AnchorFree Inc.)
PRC - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.)
PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (AVG)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
PRC - C:\Users\MAGMAM\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
PRC - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (Disc Soft Ltd)
PRC - C:\ProgramData\MobileBrServ\mbbService.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
PRC - C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files\netcut\netcut.exe (Arcai.com)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\WebcamMax\wcmmon.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\libegl.dll ()
MOD - c:\Program Files\Real\RealPlayer\RPDS\Lib\r1api.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e8d9058b7f59f6d3d134b086916d8674\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0c9f47f2c82f0232a48a737193672197\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\349461c3a273efc2b4bd643c2645bd70\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2508b25b4d961a45659a8a8f128818a1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3f2952ec748f60fbb5deacfc4db0a2a3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8b7f86e5a6f0aa23f4b25dfeeaa6b318\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3fad44f7fd9f6c117eb02265ab63f80d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5bf56d6064af88d8812a3f78e0dfd376\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4c4507612d22786d45594a65a0213c1f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95854f4f1f37b8eab1b1e3d7103b48ef\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\Program Files\Hotspot Shield\bin\af_proxy.dll ()
MOD - C:\Program Files\Notepad++\NppShell_06.dll ()
MOD - C:\Program Files\Software Informer\cef\libcef.dll ()
MOD - C:\Program Files\Notepad++\plugins\NppFTP.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\System32\IccLibDll.dll ()
MOD - C:\Program Files\Notepad++\plugins\NppExport.dll ()
MOD - C:\Program Files\WebcamMax\wcmmon.exe ()
MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (APNMCP) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
SRV - (RealPlayer Cloud Service) -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (GingerUpdateService) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe (Ginger Software)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (RealPlayerUpdateSvc) -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (c2cautoupdatesvc) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe ()
SRV - (hshld) -- C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.)
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (AVG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (wxpSvc) -- C:\Program Files\webcamXP5\wService.exe (Moonware Studios)
SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Disc Soft Bus Service) -- C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (Disc Soft Ltd)
SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (NitroReaderDriverReadSpool3) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (ICCS) -- C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AIPS) -- C:\Program Files\netcut\services\aips.exe (Arcai.com)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (catchme) -- C:\Users\MAGMAM\AppData\Local\Temp\catchme.sys File not found
DRV - (BprotectEx) -- C:\Windows\System32\drivers\BprotectEx.sys File not found
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (HssDRV6) -- C:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV - (taphss6) -- C:\Windows\System32\drivers\taphss6.sys (Anchorfree Inc.)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (TBIMount) -- C:\Windows\System32\drivers\TBIMount.sys (TeraByte, Inc.)
DRV - (dtscsibus) -- C:\Windows\System32\drivers\dtscsibus.sys (Disc Soft Ltd)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (Bhbase) -- C:\Windows\System32\drivers\Bhbase.sys (Baidu, Inc.)
DRV - (phylock) -- C:\Windows\System32\drivers\phylock.sys (TeraByte, Inc.)
DRV - (Apowersoft_AudioDevice) -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel® Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (Riverbed Technology, Inc.)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.)
DRV - (WCMVCAM) -- C:\Windows\System32\drivers\wcmvcam.sys (Windows ® Win 7 DDK provider)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (XilinxPC4Driver) -- C:\Windows\System32\drivers\xpc4drvr.sys (Xilinx, Inc.)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation)
DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}: "URL" = http://www.arabyonli...q={searchTerms}
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...=1029031320&ir=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mefeedia.com/mena?v=3.42
IE - HKCU\..\SearchScopes,DefaultScope = {0001612C-7A4C-413E-AE24-A0533160057F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}: "URL" = http://www.arabyonli...q={searchTerms}
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...=1029031320&ir=
IE - HKCU\..\SearchScopes\{7BF28D31-16C0-443C-8DF8-B8A6ABDBD87D}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={D9444AAD-89CD-4199-B024-73EC10916BD1}&mid=6bce5ce22d7947d39831b9ea824161c4-df9ce6dce916111b504e34f7134076bab6351bc4&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-21 14:56:29&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...q={searchTerms}
IE - HKCU\..\SearchScopes\5055E17DDD094F28BDB7DB89B6D45BC5: "URL" = http://search.qvo6.c...X&ts=1376413680
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.arabyonline.com/?src=117"
FF - prefs.js..extensions.enabledAddons: ffxtlbra%40softonic.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B285ACFBB-8E53-4feb-90E6-F02A128927F3%7D:1.2.6
FF - prefs.js..extensions.enabledAddons: %7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.type: 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.13: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\gingersoftware.com/gingerPlugin: C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll (Ginger Software)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/09/17 20:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\chknq@jrkbwgoi.org: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\adapter@gingersoftware.com: C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com [2014/09/16 18:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\firefox@gingersoftware.2.0.0.74.com: C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com [2014/05/18 03:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9D2AA73B-6049-4799-B8AC-925723370070}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/09/17 20:13:37 | 000,000,000 | ---D | M]
 
[2013/08/04 12:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Extensions
[2014/10/06 02:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions
[2014/10/06 02:48:18 | 000,000,000 | ---D | M] (Hotspot Shield) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2014/02/14 00:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profilesop84hkh5.default\extensions
[2014/02/14 00:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profilesop84hkh5.default\extensions\staged
[2013/12/24 06:40:42 | 000,065,077 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\ffxtlbra@softonic.com.xpi
[2014/02/10 18:44:27 | 000,490,422 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2012/05/25 17:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/12/29 21:25:31 | 000,002,842 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[2014/02/15 10:14:35 | 000,004,000 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
[2013/08/02 16:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg\8.10_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_28\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/02/22 15:48:54 | 000,000,221 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 anchorfree.net
O1 - Hosts: 127.0.0.1 rss2search.com
O1 - Hosts: 127.0.0.1 techbrowsing.com
O1 - Hosts: 127.0.0.1 box.anchorfree.net
O1 - Hosts: 127.0.0.1 www.mefeedia.com
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (FoxPro Class) - {598AC71E-BE58-3981-B78A-5C138F423AD6} - C:\Users\MAGMAM\AppData\Roaming\VolIE\FoxPro_32.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Ultra Agent] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKCU..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe (CBS Software)
O4 - HKCU..\Run: [uTorrent] C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [WebcamMaxAutoRun] C:\Program Files\WebcamMax\wcmmon.exe ()
O4 - Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra Button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.136.58.190 62.209.25.155
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D02B2D8-4A6D-423F-9874-ECF283BB2542}: DhcpNameServer = 83.136.58.190 62.209.25.155
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999/12/12 00:00:00 | 000,000,041 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2013/09/03 11:39:13 | 000,000,043 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/11/15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - K:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:03:48 | 000,000,054 | R--- | M] () - K:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/11/09 03:32:49 | 000,000,041 | R--- | M] () - L:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013/05/07 16:57:07 | 000,000,000 | ---D | M] - M:\Autorun -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (AVG)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.bdmpeg - C:\Windows\System32\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: vidc.mjpg - C:\Windows\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\System32\bdmpegv.dll ()
Drivers32: vidc.xtor - C:\Windows\System32\DxtoryCodec.dll (Dxtory Software)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/06 04:34:45 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition
[2014/10/06 02:36:06 | 000,039,624 | ---- | C] (AnchorFree Inc.) -- C:\Windows\System32\drivers\hssdrv6.sys
[2014/10/06 02:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2014/10/06 02:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2014/10/06 02:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Hotspot Shield
[2014/10/06 02:11:53 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Hotspot Shield
[2014/10/03 08:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
[2014/10/03 08:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\ReMouse Micro
[2014/10/03 08:32:40 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\AutomaticSolution Software
[2014/10/03 08:28:57 | 001,006,592 | ---- | C] (AutomaticSolution Software                                  ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/09/30 21:28:26 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/09/24 04:47:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/09/20 03:46:34 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\New folder
[2014/09/20 00:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/20 00:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/09/17 20:15:20 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\RealNetworks
[2014/09/17 20:15:05 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Local\AskPartnerNetwork
[2014/09/17 20:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/09/17 20:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2014/09/17 20:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/09/17 20:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/09/17 20:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2014/09/17 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2014/09/14 23:28:34 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\My Received Files
[2014/09/14 01:51:12 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
[2014/09/14 01:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Paltalk Messenger
[2014/09/14 01:41:29 | 001,758,592 | ---- | C] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/09/12 21:17:21 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\VolIE
[2014/09/12 21:17:05 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\ARHome
[2014/09/12 02:35:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/09/12 02:35:12 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/09/12 02:35:11 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/09/12 02:35:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/09/12 02:35:10 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/09/12 02:35:10 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/09/12 02:35:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/09/12 02:35:09 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/09/12 02:35:09 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/09/12 02:35:09 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/09/12 02:35:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/09/12 02:35:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/09/12 02:35:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/09/12 02:35:07 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/09/12 02:35:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/09/12 02:35:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/09/12 02:35:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/09/12 02:35:06 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/09/12 02:35:06 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/09/12 02:35:05 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/09/12 02:35:05 | 000,327,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/09/12 02:34:59 | 004,232,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/09/12 02:34:58 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/09/12 02:32:21 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/09/11 15:54:38 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
[2014/09/11 15:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\S.P.D
[2014/09/11 04:01:30 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/09/11 04:01:28 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/09/11 04:01:25 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/09/11 04:01:25 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
[18 C:\Users\MAGMAM\Documents\*.tmp files -> C:\Users\MAGMAM\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/08 02:16:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/08 01:44:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/07 22:22:28 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/10/07 21:58:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/07 21:12:00 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2014/10/07 13:44:01 | 000,000,826 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/07 09:19:09 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014/10/07 09:18:47 | 2370,592,768 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/06 04:15:20 | 000,355,328 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:46:17 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2014/10/06 02:45:38 | 000,000,009 | ---- | M] () -- C:\END
[2014/10/06 02:20:25 | 000,028,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/06 02:20:25 | 000,028,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/06 02:10:17 | 008,052,240 | ---- | M] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/10/05 20:01:36 | 009,083,136 | ---- | M] () -- C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
[2014/10/03 08:32:49 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\ReMouse Micro.lnk
[2014/10/03 08:29:04 | 001,006,592 | ---- | M] (AutomaticSolution Software                                  ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/10/01 22:52:22 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/01 22:30:45 | 000,723,764 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2014/10/01 22:30:45 | 000,719,346 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2014/10/01 22:30:45 | 000,708,626 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2014/10/01 22:30:45 | 000,651,428 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2014/10/01 22:30:45 | 000,153,656 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2014/10/01 22:30:45 | 000,148,406 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2014/10/01 22:30:45 | 000,140,750 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2014/10/01 22:30:44 | 000,735,104 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014/10/01 22:30:44 | 000,685,370 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/10/01 22:30:44 | 000,657,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/10/01 22:30:44 | 000,504,160 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2014/10/01 22:30:44 | 000,481,930 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2014/10/01 22:30:44 | 000,156,622 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014/10/01 22:30:44 | 000,151,592 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2014/10/01 22:30:44 | 000,130,982 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/10/01 22:30:44 | 000,122,894 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/10/01 22:30:44 | 000,099,408 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2014/10/01 22:30:44 | 000,095,656 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2014/10/01 22:25:16 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job
[2014/10/01 02:22:14 | 009,303,162 | ---- | M] () -- C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
[2014/09/30 17:22:24 | 000,011,644 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10704003_1471577439796538_4006392485479956584_n.jpg
[2014/09/30 04:02:07 | 000,009,532 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10629573_814350365252447_3153925028573009385_n.jpg
[2014/09/30 04:01:01 | 000,010,940 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10303294_814333115254172_3127307523454080139_n.jpg
[2014/09/30 03:47:32 | 000,020,954 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10653821_678308628957196_1338467909795394739_n.jpg
[2014/09/24 10:29:37 | 000,045,550 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10653767_889632104447233_5108268957931399378_n.jpg
[2014/09/24 05:16:53 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/24 05:16:53 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/09/23 06:20:17 | 012,443,664 | ---- | M] () -- C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
[2014/09/20 00:53:27 | 000,001,012 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/09/20 00:53:04 | 000,000,982 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Dropbox.lnk
[2014/09/20 00:47:15 | 000,002,509 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/20 00:05:10 | 000,443,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/09/19 01:52:01 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/09/18 02:04:36 | 000,423,971 | ---- | M] () -- C:\Users\MAGMAM\Documents\Capturec.PNG
[2014/09/17 20:13:51 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/17 20:12:13 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2014/09/17 20:11:56 | 000,001,206 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/09/17 20:11:34 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2014/09/16 18:01:41 | 000,002,983 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk
[2014/09/16 18:01:41 | 000,002,949 | ---- | M] () -- C:\Users\Public\Desktop\Ginger.lnk
[2014/09/15 00:21:31 | 000,048,399 | ---- | M] () -- C:\Users\MAGMAM\Documents\Captureb.PNG
[2014/09/14 01:51:13 | 000,001,985 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
[2014/09/14 01:51:12 | 000,001,965 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,941 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,216 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:51:11 | 000,001,216 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:42:20 | 001,758,592 | ---- | M] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/09/14 01:34:46 | 000,090,481 | ---- | M] () -- C:\Users\MAGMAM\Documents\Capturea.PNG
[2014/09/12 21:17:45 | 000,001,085 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2014/09/12 21:17:45 | 000,001,061 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FinalMediaPlayer.lnk
[2014/09/12 21:17:17 | 000,004,772 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\ext.crx
[2014/09/12 21:17:13 | 000,003,072 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
[2014/09/11 15:54:39 | 000,002,292 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Best VPN Soft Special Offer.lnk
[2014/09/11 15:54:39 | 000,002,268 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
[2014/09/11 04:11:11 | 000,070,424 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10511200_769102246518214_3902462020799876321_n.jpg
[2014/09/09 23:47:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
[18 C:\Users\MAGMAM\Documents\*.tmp files -> C:\Users\MAGMAM\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/06 04:15:18 | 000,355,328 | ---- | C] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:46:17 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2014/10/06 02:45:37 | 000,000,009 | ---- | C] () -- C:\END
[2014/10/06 02:09:04 | 008,052,240 | ---- | C] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/10/05 20:00:18 | 009,083,136 | ---- | C] () -- C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
[2014/10/03 08:32:49 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\ReMouse Micro.lnk
[2014/10/01 02:20:56 | 009,303,162 | ---- | C] () -- C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
[2014/09/30 17:22:23 | 000,011,644 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10704003_1471577439796538_4006392485479956584_n.jpg
[2014/09/30 04:02:07 | 000,009,532 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10629573_814350365252447_3153925028573009385_n.jpg
[2014/09/30 04:01:00 | 000,010,940 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10303294_814333115254172_3127307523454080139_n.jpg
[2014/09/30 03:46:55 | 000,020,954 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10653821_678308628957196_1338467909795394739_n.jpg
[2014/09/24 10:27:26 | 000,045,550 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10653767_889632104447233_5108268957931399378_n.jpg
[2014/09/23 06:18:37 | 012,443,664 | ---- | C] () -- C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
[2014/09/20 00:47:15 | 000,002,509 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/19 01:52:01 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/09/19 01:52:01 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/09/18 02:04:35 | 000,423,971 | ---- | C] () -- C:\Users\MAGMAM\Documents\Capturec.PNG
[2014/09/17 20:13:51 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/15 00:21:30 | 000,048,399 | ---- | C] () -- C:\Users\MAGMAM\Documents\Captureb.PNG
[2014/09/14 01:51:13 | 000,001,985 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
[2014/09/14 01:51:12 | 000,001,965 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,941 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,216 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:51:11 | 000,001,216 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:34:46 | 000,090,481 | ---- | C] () -- C:\Users\MAGMAM\Documents\Capturea.PNG
[2014/09/12 21:17:17 | 000,004,772 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\ext.crx
[2014/09/12 21:17:13 | 000,003,072 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
[2014/09/11 15:54:39 | 000,002,292 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Best VPN Soft Special Offer.lnk
[2014/09/11 15:54:39 | 000,002,268 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
[2014/09/11 04:10:57 | 000,070,424 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10511200_769102246518214_3902462020799876321_n.jpg
[2014/05/29 01:05:15 | 000,000,017 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\brite
[2014/05/19 23:17:31 | 000,000,408 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamShapes.ini
[2014/05/19 23:17:31 | 000,000,408 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamLayout.ini
[2014/05/19 23:17:31 | 000,000,054 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\Camdata.ini
[2014/05/19 23:13:39 | 000,004,535 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamStudio.cfg
[2014/05/19 23:09:10 | 000,000,096 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\version2.xml
[2014/05/06 18:23:16 | 000,723,802 | ---- | C] () -- C:\Windows\System32\unins000.exe
[2014/05/06 18:23:16 | 000,398,136 | ---- | C] () -- C:\Windows\System32\H264Decoder.dll
[2014/05/06 18:23:15 | 000,000,988 | ---- | C] () -- C:\Windows\System32\unins000.dat
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2014/01/25 18:53:27 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2014/01/25 15:06:16 | 000,000,252 | ---- | C] () -- C:\Windows\System32\msdllhlp.dll
[2014/01/23 12:57:59 | 000,091,224 | ---- | C] () -- C:\Windows\tbicd2hd.exe
[2014/01/21 21:50:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/21 21:50:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/21 21:50:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/21 21:50:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/21 21:50:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/20 13:19:33 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014/01/19 08:01:14 | 000,010,729 | ---- | C] () -- C:\Users\MAGMAM\gsview32.ini
[2014/01/14 13:29:02 | 000,000,040 | ---- | C] () -- C:\Windows\gsview32.ini
[2014/01/07 01:40:34 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2014/01/07 01:40:33 | 000,685,370 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2014/01/07 01:40:33 | 000,130,982 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2014/01/07 01:40:33 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2014/01/07 01:40:32 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2014/01/07 01:40:29 | 000,481,930 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2014/01/07 01:40:29 | 000,095,656 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2014/01/07 01:40:29 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2013/12/19 00:19:06 | 000,000,027 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\WB.CFG
[2013/11/27 18:41:18 | 000,361,984 | ---- | C] () -- C:\Windows\System32\LiveWrapRTSP.dll
[2013/11/07 02:02:16 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013/11/07 02:02:12 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013/10/30 03:52:54 | 000,161,880 | ---- | C] () -- C:\Windows\System32\pca-manta.bin
[2013/10/30 03:52:54 | 000,000,092 | ---- | C] () -- C:\Windows\System32\calibration.bin
[2013/10/11 09:18:55 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/10/11 09:18:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013/10/11 09:18:54 | 000,001,786 | ---- | C] () -- C:\Windows\unins000.dat
[2013/09/29 00:06:42 | 000,015,585 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard47.ini
[2013/09/29 00:03:48 | 000,015,246 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard_cct.ini
[2013/09/28 22:12:15 | 000,014,654 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard-XQ.ini
[2013/09/28 22:06:53 | 000,015,178 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard_ics.ini
[2013/09/24 02:24:01 | 000,000,588 | ---- | C] () -- C:\Users\MAGMAM\Xilinx_Connect_Later.html
[2013/08/15 20:26:19 | 000,735,104 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2013/08/15 20:26:19 | 000,723,764 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2013/08/15 20:26:19 | 000,719,346 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2013/08/15 20:26:19 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2013/08/15 20:26:19 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2013/08/15 20:26:19 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2013/08/15 20:26:19 | 000,156,622 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2013/08/15 20:26:19 | 000,153,656 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2013/08/15 20:26:19 | 000,151,592 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2013/08/15 20:26:19 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2013/08/15 20:26:19 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2013/08/15 20:26:19 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2013/08/15 20:26:18 | 000,708,626 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2013/08/15 20:26:18 | 000,504,160 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2013/08/15 20:26:18 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2013/08/15 20:26:18 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2013/08/15 20:26:18 | 000,148,406 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2013/08/15 20:26:18 | 000,099,408 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2013/08/15 20:26:18 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2013/08/15 20:26:18 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2013/08/14 19:44:58 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2013/08/14 19:44:57 | 000,651,428 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2013/08/14 19:44:57 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2013/08/14 19:44:56 | 000,140,750 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2013/08/07 17:16:18 | 000,007,595 | ---- | C] () -- C:\Users\MAGMAM\AppData\Local\Resmon.ResmonCfg
[2013/08/07 03:45:09 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2013/08/05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013/08/05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013/08/02 17:48:08 | 000,001,246 | RHS- | C] () -- C:\Users\MAGMAM\ntuser.pol
[2013/08/02 17:25:27 | 000,000,170 | ---- | C] () -- C:\Users\MAGMAM\.packettracer
[2013/03/09 01:32:48 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2013/03/01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2012/12/14 02:02:20 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012/12/14 02:02:20 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/12/14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/12/14 02:02:16 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012/11/28 09:42:06 | 001,826,784 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2012/11/28 09:42:06 | 000,026,464 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/11/28 09:42:06 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011/03/24 08:50:52 | 000,226,366 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/01/23 10:52:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\1O1L1I1PtF1F1C1N
[2014/05/18 03:50:36 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Acapela Group
[2014/05/19 22:41:32 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Apowersoft
[2014/02/20 04:05:12 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Arduino
[2014/09/12 22:21:11 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\ARHome
[2014/04/28 09:27:16 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\AVG
[2014/04/28 08:52:45 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\AVG2014
[2013/08/31 01:10:23 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Baidu Security
[2013/10/11 09:52:46 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\BANDISOFT
[2013/12/29 21:25:57 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Bonanza
[2013/09/28 14:17:12 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\C-Free
[2013/10/15 09:09:33 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DAEMON Tools Ult
[2013/11/14 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DAEMON Tools Ultra
[2014/05/20 10:34:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DefaultTab
[2014/01/21 07:29:45 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Design Science
[2013/08/13 14:13:30 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Downloaded Installations
[2014/10/07 09:21:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Dropbox
[2014/01/22 08:28:08 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FileOpen
[2013/12/16 00:04:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FileZilla
[2014/08/18 15:33:56 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FinalMediaPlayer
[2014/01/23 13:47:53 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\GenuineRegistryDoctor
[2014/10/06 02:11:53 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Hotspot Shield
[2014/01/20 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Joyvy
[2013/10/15 02:49:27 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\MetalPlayer
[2014/02/14 01:00:33 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\MiniGet
[2014/04/12 16:04:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Nitro
[2014/06/13 11:44:34 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Nitro PDF
[2014/10/07 22:52:30 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Notepad++
[2014/09/14 03:50:48 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Paltalk
[2013/09/22 01:34:54 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\ShredderChess
[2014/10/08 02:43:47 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Software Informer
[2013/08/07 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Synaptics
[2014/05/17 03:34:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\TeamViewer
[2014/01/27 00:38:08 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\texstudio
[2014/02/26 12:44:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\The Creative Assembly
[2014/04/03 01:08:24 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Thinstall
[2013/11/14 16:29:50 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\TuneUp Software
[2014/10/08 02:07:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\uTorrent
[2014/06/25 04:43:18 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Vodafone
[2014/09/12 21:17:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\VolIE
[2014/02/17 16:17:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\WebcamMax
[2014/01/31 03:16:48 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\WinZip
[2014/04/30 03:52:03 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Wireshark
[2014/05/26 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Wise Game Booster
[2013/09/24 04:08:01 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Xilinx
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2009/07/13 18:51:38 | 000,004,127 | ---- | M] () MD5=11D428A7E849CB86FC03D5CCCBB49BAB -- C:\Windows\PolicyDefinitions\pt-BR\Explorer.adml
[2009/07/13 18:51:38 | 000,004,127 | ---- | M] () MD5=11D428A7E849CB86FC03D5CCCBB49BAB -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_24730c3a385d056d\Explorer.adml
[2009/07/13 18:48:32 | 000,005,858 | ---- | M] () MD5=18E3D562E7E80B329AE5309E368FD567 -- C:\Windows\PolicyDefinitions\ru-RU\Explorer.adml
[2009/07/13 18:48:32 | 000,005,858 | ---- | M] () MD5=18E3D562E7E80B329AE5309E368FD567 -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_6bf7ed6a1cae0375\Explorer.adml
[2010/11/21 02:38:36 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2010/11/21 02:38:36 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml
[2009/07/13 18:48:48 | 000,004,323 | ---- | M] () MD5=8B464AD7793D75D23C8A4EAAA337133D -- C:\Windows\PolicyDefinitions\pt-PT\Explorer.adml
[2009/07/13 18:48:48 | 000,004,323 | ---- | M] () MD5=8B464AD7793D75D23C8A4EAAA337133D -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_2554dba637cc7549\Explorer.adml
[2009/07/13 18:43:52 | 000,004,222 | ---- | M] () MD5=8C8B21F6E582CE8E6A903BF78A8F30A4 -- C:\Windows\PolicyDefinitions\pl-PL\Explorer.adml
[2009/07/13 18:43:52 | 000,004,222 | ---- | M] () MD5=8C8B21F6E582CE8E6A903BF78A8F30A4 -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_221f219639d37189\Explorer.adml
[2009/07/13 18:45:34 | 000,005,115 | ---- | M] () MD5=91DBE271E48163962985E79F116E9EBA -- C:\Windows\PolicyDefinitions\ar-SA\Explorer.adml
[2009/07/13 18:45:34 | 000,005,115 | ---- | M] () MD5=91DBE271E48163962985E79F116E9EBA -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_8e37323606a67dee\Explorer.adml
[2009/07/13 18:46:34 | 000,003,899 | ---- | M] () MD5=CCBB9E6634BFB875E7EEC651EE423C7D -- C:\Windows\PolicyDefinitions\da-DK\Explorer.adml
[2009/07/13 18:46:34 | 000,003,899 | ---- | M] () MD5=CCBB9E6634BFB875E7EEC651EE423C7D -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_7cba6a80daf4a76f\Explorer.adml
[2009/07/13 18:51:38 | 000,004,042 | ---- | M] () MD5=D27774F906BAD75420F5C0AC0A31911A -- C:\Windows\PolicyDefinitions\tr-TR\Explorer.adml
[2009/07/13 18:51:38 | 000,004,042 | ---- | M] () MD5=D27774F906BAD75420F5C0AC0A31911A -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_b100222602930fc1\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2009/06/10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
 
< MD5 for: EXPLORER.BH3  >
[2003/04/19 01:57:40 | 000,014,023 | ---- | M] () MD5=7A8BC9CC3B897C66F90F94952EE1F40E -- C:\Program Files (x86)\Microsoft Games\Rise of Nations\art\explorer.bh3
[2003/04/19 01:57:40 | 000,014,023 | ---- | M] () MD5=7A8BC9CC3B897C66F90F94952EE1F40E -- C:\Program Files\Microsoft Games\Rise of Nations\art\explorer.bh3
 
< MD5 for: EXPLORER.BMP  >
[2001/08/03 10:44:58 | 000,000,886 | ---- | M] () MD5=A69B77C6B94CB3F0AE2077FDEEC2A6CD -- C:\Program Files\WinEdt Team\WinEdt\Bitmaps\Images\Explorer.bmp
[2001/08/03 10:44:58 | 000,001,398 | ---- | M] () MD5=F7347D709D614D76A51526BD430FE961 -- C:\Program Files\WinEdt Team\WinEdt\Bitmaps\Buttons\Explorer.bmp
 
< MD5 for: EXPLORER.EXE  >
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
< MD5 for: EXPLORER.EXE.5344.DMP  >
[2014/10/08 01:43:08 | 001,408,513 | ---- | M] () MD5=52A9274C34C81CE607A6252C05B17C22 -- C:\Users\MAGMAM\AppData\Local\CrashDumps\explorer.exe.5344.dmp
 
< MD5 for: EXPLORER.EXE.MUI  >
[2009/07/13 18:43:20 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=3F17C383DA8DB4A20F404BB1F506EC88 -- C:\Windows\tr-TR\explorer.exe.mui
[2009/07/13 18:43:20 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=3F17C383DA8DB4A20F404BB1F506EC88 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_93f229b10bdf6858\explorer.exe.mui
[2009/07/13 18:42:18 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4435076659C5283C7C8019B8F840AF66 -- C:\Windows\th-TH\explorer.exe.mui
[2009/07/13 18:42:18 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4435076659C5283C7C8019B8F840AF66 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_th-th_8fef011d0e6823a8\explorer.exe.mui
[2009/07/13 18:29:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=5C2E519A4194C91460DB9550F1EE0ED9 -- C:\Windows\bg-BG\explorer.exe.mui
[2009/07/13 18:29:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=5C2E519A4194C91460DB9550F1EE0ED9 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_17691b4a007327dc\explorer.exe.mui
[2009/07/13 18:43:18 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=6934C2A4C47AF9F13639699A09EE2D82 -- C:\Windows\pl-PL\explorer.exe.mui
[2009/07/13 18:43:18 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=6934C2A4C47AF9F13639699A09EE2D82 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_05112921431fca20\explorer.exe.mui
[2009/07/13 18:43:32 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6FDFAFAAD57AD782AA22E5B68B2A01B7 -- C:\Windows\pt-BR\explorer.exe.mui
[2009/07/13 18:43:32 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6FDFAFAAD57AD782AA22E5B68B2A01B7 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_076513c541a95e04\explorer.exe.mui
[2009/07/13 18:48:22 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=9FCCBA67F24566B16CD8163FD9256B50 -- C:\Windows\pt-PT\explorer.exe.mui
[2009/07/13 18:48:22 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=9FCCBA67F24566B16CD8163FD9256B50 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_0846e3314118cde0\explorer.exe.mui
[2010/11/21 02:38:27 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui
[2010/11/21 02:38:27 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui
[2009/07/13 18:42:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=C615E52F17720AE29F027EF1E6A31EBA -- C:\Windows\ro-RO\explorer.exe.mui
[2009/07/13 18:42:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=C615E52F17720AE29F027EF1E6A31EBA -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_4c81a969277f993c\explorer.exe.mui
[2009/07/13 18:48:08 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=C8A97DC216E7986AF093FB639118D404 -- C:\Windows\ru-RU\explorer.exe.mui
[2009/07/13 18:48:08 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=C8A97DC216E7986AF093FB639118D404 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_4ee9f4f525fa5c0c\explorer.exe.mui
[2009/07/13 18:45:02 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=D237C6B971800772656BD65BD6DCF096 -- C:\Windows\ar-SA\explorer.exe.mui
[2009/07/13 18:45:02 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=D237C6B971800772656BD65BD6DCF096 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_712939c10ff2d685\explorer.exe.mui
[2009/07/13 18:46:10 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=D51032E556CC1CE31308EAA666F23D07 -- C:\Windows\da-DK\explorer.exe.mui
[2009/07/13 18:46:10 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=D51032E556CC1CE31308EAA666F23D07 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_5fac720be4410006\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-A80E4F97.PF  >
[2014/10/07 23:27:16 | 000,049,488 | ---- | M] () MD5=A3BCBC89228E9E1BEF7A23D2709A87AA -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
 
< MD5 for: EXPLORER.TGA  >
[2003/04/19 01:57:40 | 000,016,115 | ---- | M] () MD5=7257E1D90C422A75F20E1FFEFB959889 -- C:\Program Files (x86)\Microsoft Games\Rise of Nations\art\explorer.tga
[2003/04/19 01:57:40 | 000,016,115 | ---- | M] () MD5=7257E1D90C422A75F20E1FFEFB959889 -- C:\Program Files\Microsoft Games\Rise of Nations\art\explorer.tga
 
< MD5 for: EXPLORER.ZIP  >
[2009/06/04 05:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
[2009/06/03 19:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
 
< MD5 for: IEXPLORE.EXE  >
[2014/03/08 03:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_1f1cb5860a5394ee\iexplore.exe
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2013/06/12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/08/03 10:37:20 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_ba672fa865e3902d\iexplore.exe
[2013/05/29 05:32:47 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=33E62E4EFC2ACA8EC63A8926F26D3889 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20606_none_b1da3f12e114fd0b\iexplore.exe
[2013/08/10 06:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_ba6c1a5265df2881\iexplore.exe
[2014/03/02 00:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_1ee4a3700a7df0ce\iexplore.exe
[2014/02/07 00:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_1ee303ae0a7f8ade\iexplore.exe
[2013/08/10 07:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_a394d1a47f8d8a3c\iexplore.exe
[2014/06/02 06:43:13 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_1f0f731e0a5dfe56\iexplore.exe
[2013/07/26 05:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_ba6aa26e65e05c0d\iexplore.exe
[2011/05/13 00:56:29 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
[2013/10/12 09:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_a384a5267f9a8dfe\iexplore.exe
[2010/11/20 23:29:33 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_b5780d7c8309d95c\iexplore.exe
[2013/11/29 15:59:40 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\erdnt\cache\iexplore.exe
[2013/11/29 15:59:40 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_1eeed3e40a768844\iexplore.exe
[2014/06/20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_1f028bd60a68013a\iexplore.exe
[2014/08/01 01:16:35 | 000,812,224 | ---- | M] (Microsoft Corporation) MD5=CDF01A5C7927786A708EAEE91F14797B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_1f055f240a658081\iexplore.exe
[2013/09/23 01:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_ba5bba9265ec2c43\iexplore.exe
[2013/10/12 09:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_ba5c48f465ebc5bf\iexplore.exe
[2013/09/23 02:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_a38444547f9ac140\iexplore.exe
[2013/07/26 07:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_a39175a67f90a4bb\iexplore.exe
[2013/05/29 04:24:32 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_b0ef5115c8405b93\iexplore.exe
[2014/08/19 19:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/08/19 19:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_1f0b2d9e0a60188b\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/11/29 16:02:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0932AA1AD993263E2E56F3B56CD3B9DD -- C:\Program Files\Internet Explorer\tr-TR\iexplore.exe.mui
[2013/11/29 16:02:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0932AA1AD993263E2E56F3B56CD3B9DD -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_tr-tr_a6c4b5cb790dd11e\iexplore.exe.mui
[2013/11/29 16:14:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=09B21C551BD19C9A11026B198A064B31 -- C:\Program Files\Internet Explorer\th-TH\iexplore.exe.mui
[2013/11/29 16:14:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=09B21C551BD19C9A11026B198A064B31 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_th-th_a2c18d377b968c6e\iexplore.exe.mui
[2013/11/29 15:59:42 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/29 15:59:42 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_189b695b4223c92b\iexplore.exe.mui
[2009/07/13 17:41:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0EF97FB20FD19F9FDB175948E68800C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pl-pl_ae6ceed428e183fe\iexplore.exe.mui
[2009/07/13 17:33:10 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=12C68FA60C64C2A5256BB945D3D2EFB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_th-th_394ac6cff429dd86\iexplore.exe.mui
[2013/11/29 16:13:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2AEF0D19FCA781DE91ADCB75D48FE897 -- C:\Program Files\Internet Explorer\ru-RU\iexplore.exe.mui
[2013/11/29 16:13:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2AEF0D19FCA781DE91ADCB75D48FE897 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ru-ru_61bc810f9328c4d2\iexplore.exe.mui
[2009/07/13 17:35:30 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=3C6ACA369FFF1767AB30D03A23976F94 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_bg-bg_c0c4e0fce634e1ba\iexplore.exe.mui
[2011/05/13 00:56:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui
[2009/07/13 17:49:40 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=4F5AB163F1D2026CF41EB1C44CD70F21 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pt-br_b0c0d978276b17e2\iexplore.exe.mui
[2013/11/29 16:10:11 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=5EA584A09C5A9F7C1F122B8D758B8C1D -- C:\Program Files\Internet Explorer\da-DK\iexplore.exe.mui
[2013/11/29 16:10:11 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=5EA584A09C5A9F7C1F122B8D758B8C1D -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_da-dk_727efe26516f68cc\iexplore.exe.mui
[2009/07/13 17:49:02 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=6A3BEAC445371FE174ED49664E8DB86F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_tr-tr_3d4def63f1a12236\iexplore.exe.mui
[2009/07/13 17:37:04 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=6A4942DE97D5C7053B0174EC820F0F60 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_da-dk_090837beca02b9e4\iexplore.exe.mui
[2013/11/29 16:05:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=79A9B3211174D45EEC11ED5611EE965D -- C:\Program Files\Internet Explorer\pl-PL\iexplore.exe.mui
[2013/11/29 16:05:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=79A9B3211174D45EEC11ED5611EE965D -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pl-pl_17e3b53bb04e32e6\iexplore.exe.mui
[2009/07/13 17:39:54 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=7E597787327BCC4F5EF5ACED68146DC6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pt-pt_b1a2a8e426da87be\iexplore.exe.mui
[2013/03/30 12:11:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/03 10:37:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_b41defe19d893548\iexplore.exe.mui
[2009/07/13 17:32:32 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=9237D5B1F00C05B7AD88D559A6F73377 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ro-ro_f5dd6f1c0d41531a\iexplore.exe.mui
[2009/07/13 17:39:10 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=9A35E917E4B5C27A51B756BAF7D7F815 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ru-ru_f845baa80bbc15ea\iexplore.exe.mui
[2013/11/29 16:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A477F8F74F549BBF798E2DB193EB0DBB -- C:\Program Files\Internet Explorer\pt-PT\iexplore.exe.mui
[2013/11/29 16:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A477F8F74F549BBF798E2DB193EB0DBB -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pt-pt_1b196f4bae4736a6\iexplore.exe.mui
[2013/11/29 16:15:17 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A8A118655EAAC902111CC859B56A1B20 -- C:\Program Files\Internet Explorer\bg-BG\iexplore.exe.mui
[2013/11/29 16:15:17 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A8A118655EAAC902111CC859B56A1B20 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_bg-bg_2a3ba7646da190a2\iexplore.exe.mui
[2013/11/29 16:11:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AA961A309B4A5E877E2EF217EE4097A1 -- C:\Program Files\Internet Explorer\ro-RO\iexplore.exe.mui
[2013/11/29 16:11:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AA961A309B4A5E877E2EF217EE4097A1 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ro-ro_5f54358394ae0202\iexplore.exe.mui
[2013/11/29 16:08:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AC01ED6E0675DD94EB7A0CA60BECF933 -- C:\Program Files\Internet Explorer\pt-BR\iexplore.exe.mui
[2013/11/29 16:08:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AC01ED6E0675DD94EB7A0CA60BECF933 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pt-br_1a379fdfaed7c6ca\iexplore.exe.mui
[2009/07/13 17:35:22 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=E744B41E15F382EE38057D5559574DF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ar-sa_1a84ff73f5b49063\iexplore.exe.mui
[2009/07/14 04:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_af24a2f3bab71a43\iexplore.exe.mui
[2014/05/03 17:18:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FDC8BC1FF3993673FD148FD1119FE78E -- C:\Program Files\Internet Explorer\ar-SA\iexplore.exe.mui
[2014/05/03 17:18:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FDC8BC1FF3993673FD148FD1119FE78E -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ar-sa_83fbc5db7d213f4b\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-908C99F8.PF  >
[2014/10/07 22:34:32 | 000,070,976 | ---- | M] () MD5=5323255CDFF1AFB1894BE15AF498E4BC -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
 
< MD5 for: SERVICES  >
[2013/06/05 19:48:34 | 002,557,368 | ---- | M] () MD5=0BD54F76704E0E4302947C6D531C6297 -- C:\Program Files (x86)\Wireshark\services
[2014/04/20 19:03:18 | 000,930,834 | ---- | M] () MD5=3F8D39D7F13AC4D479BED1C1D456E013 -- C:\Program Files\Wireshark\services
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
 
< MD5 for: SERVICES.EXE  >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2010/11/21 02:38:26 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2010/11/21 02:38:26 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2009/07/13 18:47:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0F006BAEB5F7BF8128B634046B6AFC20 -- C:\Windows\System32\ru-RU\services.exe.mui
[2009/07/13 18:47:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0F006BAEB5F7BF8128B634046B6AFC20 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_b2f4b4eed84dbed9\services.exe.mui
[2009/07/13 18:41:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=13D87E1A0FCE47C4743C2DED1F569F52 -- C:\Windows\System32\ro-RO\services.exe.mui
[2009/07/13 18:41:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=13D87E1A0FCE47C4743C2DED1F569F52 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_b08c6962d9d2fc09\services.exe.mui
[2009/07/13 18:29:26 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=246EC174DA214349EF15DC8183BFE32D -- C:\Windows\System32\bg-BG\services.exe.mui
[2009/07/13 18:29:26 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=246EC174DA214349EF15DC8183BFE32D -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_7b73db43b2c68aa9\services.exe.mui
[2009/07/13 18:43:52 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=33F631CFD6AEBF0F4EA34E7AA7484CEF -- C:\Windows\System32\da-DK\services.exe.mui
[2009/07/13 18:43:52 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=33F631CFD6AEBF0F4EA34E7AA7484CEF -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_c3b73205969462d3\services.exe.mui
[2009/07/13 18:34:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6826E85A4586EFAC6121261AA68CAC3C -- C:\Windows\System32\th-TH\services.exe.mui
[2009/07/13 18:34:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6826E85A4586EFAC6121261AA68CAC3C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_th-th_f3f9c116c0bb8675\services.exe.mui
[2009/07/13 18:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\System32\ar-SA\services.exe.mui
[2009/07/13 18:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_d533f9bac2463952\services.exe.mui
[2009/07/13 18:50:14 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=A23ED3C2245080D27C9ED860C2837B42 -- C:\Windows\System32\pl-PL\services.exe.mui
[2009/07/13 18:50:14 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=A23ED3C2245080D27C9ED860C2837B42 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_691be91af5732ced\services.exe.mui
[2009/07/13 18:47:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B8C084BB518768C7F4B8428A51686D55 -- C:\Windows\System32\pt-PT\services.exe.mui
[2009/07/13 18:47:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B8C084BB518768C7F4B8428A51686D55 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_6c51a32af36c30ad\services.exe.mui
[2009/07/13 18:42:32 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=C92BECF5C5A6E982E4005445183F604F -- C:\Windows\System32\tr-TR\services.exe.mui
[2009/07/13 18:42:32 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=C92BECF5C5A6E982E4005445183F604F -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_f7fce9aabe32cb25\services.exe.mui
[2009/07/13 18:42:32 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\System32\pt-BR\services.exe.mui
[2009/07/13 18:42:32 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_6b6fd3bef3fcc0d1\services.exe.mui
 
< MD5 for: SERVICES.FRM  >
[2012/09/21 17:12:26 | 000,008,820 | ---- | M] () MD5=DCEB8781CA633992CB031D74110A604E -- C:\Program Files (x86)\ManageEngine\OpManager\mysql\data\opmanagerdb\services.frm
 
< MD5 for: SERVICES.LNK  >
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.M  >
[2008/11/10 21:53:30 | 000,024,015 | ---- | M] () MD5=31ECE8300894A8BBD2B512625FC85011 -- C:\Program Files\Wolfram Research\Mathematica\7.0\SystemFiles\Autoload\PacletManager\Kernel\Services.m
 
< MD5 for: SERVICES.MOF  >
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
 
< MD5 for: SERVICES.MSC  >
[2009/07/13 18:36:10 | 000,092,790 | ---- | M] () MD5=20037594600FF469A209FA3465ECBA8A -- C:\Windows\System32\ru-RU\services.msc
[2009/07/13 18:36:10 | 000,092,790 | ---- | M] () MD5=20037594600FF469A209FA3465ECBA8A -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_ed3684daaeb758cc\services.msc
[2009/07/13 18:41:10 | 000,092,751 | ---- | M] () MD5=45061F4B05648B0549C709E431A9D33F -- C:\Windows\System32\da-DK\services.msc
[2009/07/13 18:41:10 | 000,092,751 | ---- | M] () MD5=45061F4B05648B0549C709E431A9D33F -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_fdf901f16cfdfcc6\services.msc
[2010/11/21 02:38:25 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2010/11/21 02:38:25 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/13 18:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\System32\ar-SA\services.msc
[2009/07/13 18:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_0f75c9a698afd345\services.msc
[2009/07/13 18:45:44 | 000,092,758 | ---- | M] () MD5=A513B67E9C7A17FEE1126FDD0677434E -- C:\Windows\System32\tr-TR\services.msc
[2009/07/13 18:45:44 | 000,092,758 | ---- | M] () MD5=A513B67E9C7A17FEE1126FDD0677434E -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_323eb996949c6518\services.msc
[2009/07/13 18:37:46 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\System32\pl-PL\services.msc
[2009/07/13 18:37:46 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_a35db906cbdcc6e0\services.msc
[2009/07/13 18:44:26 | 000,092,750 | ---- | M] () MD5=D10CEC9EE745D47F175851A96897BA51 -- C:\Windows\System32\pt-PT\services.msc
[2009/07/13 18:44:26 | 000,092,750 | ---- | M] () MD5=D10CEC9EE745D47F175851A96897BA51 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_a6937316c9d5caa0\services.msc
[2009/07/13 18:46:26 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\System32\pt-BR\services.msc
[2009/07/13 18:46:26 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_a5b1a3aaca665ac4\services.msc
 
< MD5 for: SERVICES.PNG  >
[2012/07/04 14:15:54 | 000,001,772 | ---- | M] () MD5=A2543F2B616F782FFB08BD76F89EE544 -- C:\Program Files (x86)\ManageEngine\OpManager\webclient\devices\images\Services.png
 
< MD5 for: SERVICES.PTXML  >
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
 
< MD5 for: SERVICES.TICO  >
[2009/09/25 14:00:00 | 000,002,038 | ---- | M] () MD5=D669B1B2EBE288A61680C3C863828D28 -- C:\Program Files\AVG\AVG PC TuneUp\data\services.tico
 
< MD5 for: SERVICES.XML  >
[2012/07/04 14:15:56 | 000,000,588 | ---- | M] () MD5=560829A05258CE86EE5517B5AE30CFEC -- C:\Program Files (x86)\ManageEngine\OpManager\conf\services.xml
 
< MD5 for: WINLOGON.ADML  >
[2009/07/13 18:39:58 | 000,013,486 | ---- | M] () MD5=0C0FE7ABF455EC3BCBE3EE70EE01E948 -- C:\Windows\PolicyDefinitions\ru-RU\WinLogon.adml
[2009/07/13 18:39:58 | 000,013,486 | ---- | M] () MD5=0C0FE7ABF455EC3BCBE3EE70EE01E948 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_ddfb7f5f8f3a8ae1\WinLogon.adml
[2009/07/13 18:43:58 | 000,012,218 | ---- | M] () MD5=110C3B16C987CCCE651A623DF8943DEE -- C:\Windows\PolicyDefinitions\ar-SA\WinLogon.adml
[2009/07/13 18:43:58 | 000,012,218 | ---- | M] () MD5=110C3B16C987CCCE651A623DF8943DEE -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_003ac42b7933055a\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,285 | ---- | M] () MD5=24253B0728C6EFB515839DBF8E74DF3F -- C:\Windows\PolicyDefinitions\pl-PL\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,285 | ---- | M] () MD5=24253B0728C6EFB515839DBF8E74DF3F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_9422b38bac5ff8f5\WinLogon.adml
[2009/07/13 18:40:52 | 000,009,721 | ---- | M] () MD5=392A832C05008717B119B1A156C836B8 -- C:\Windows\PolicyDefinitions\pt-PT\WinLogon.adml
[2009/07/13 18:40:52 | 000,009,721 | ---- | M] () MD5=392A832C05008717B119B1A156C836B8 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_97586d9baa58fcb5\WinLogon.adml
[2009/07/13 18:44:54 | 000,008,821 | ---- | M] () MD5=39FE1BDAD812A44C3003778EC1DDB269 -- C:\Windows\PolicyDefinitions\da-DK\WinLogon.adml
[2009/07/13 18:44:54 | 000,008,821 | ---- | M] () MD5=39FE1BDAD812A44C3003778EC1DDB269 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_eebdfc764d812edb\WinLogon.adml
[2009/07/13 18:50:40 | 000,008,891 | ---- | M] () MD5=498099F2EFD6B1499575582C58B87D34 -- C:\Windows\PolicyDefinitions\pt-BR\WinLogon.adml
[2009/07/13 18:50:40 | 000,008,891 | ---- | M] () MD5=498099F2EFD6B1499575582C58B87D34 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_96769e2faae98cd9\WinLogon.adml
[2010/11/21 02:38:36 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2010/11/21 02:38:36 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,229 | ---- | M] () MD5=ED7BD76407AA339F2A4D2532884D0255 -- C:\Windows\PolicyDefinitions\tr-TR\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,229 | ---- | M] () MD5=ED7BD76407AA339F2A4D2532884D0255 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_2303b41b751f972d\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2009/06/10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2010/11/20 04:47:30 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=01C32D1482344A54336F63095AD0318B -- C:\Windows\System32\tr-TR\winlogon.exe.mui
[2010/11/20 04:47:30 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=01C32D1482344A54336F63095AD0318B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_tr-tr_5b2947e699429338\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=23EA2D4C545ED87E2F2063B558F0C6AB -- C:\Windows\System32\ro-RO\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=23EA2D4C545ED87E2F2063B558F0C6AB -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ro-ro_13b8c79eb4e2c41c\winlogon.exe.mui
[2010/11/20 04:33:58 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=457F07AB81E9245CB30605D8507A33CA -- C:\Windows\System32\da-DK\winlogon.exe.mui
[2010/11/20 04:33:58 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=457F07AB81E9245CB30605D8507A33CA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_da-dk_26e3904171a42ae6\winlogon.exe.mui
[2010/11/21 02:38:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2010/11/21 02:38:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_ccfffb7662588b45\winlogon.exe.mui
[2010/11/20 04:55:58 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=713FA5D57583A7F08628371497E92E64 -- C:\Windows\System32\pt-BR\winlogon.exe.mui
[2010/11/20 04:55:58 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=713FA5D57583A7F08628371497E92E64 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_ce9c31facf0c88e4\winlogon.exe.mui
[2010/11/20 04:46:24 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7BD4B15378DA488B8CD51EED275447D4 -- C:\Windows\System32\ru-RU\winlogon.exe.mui
[2010/11/20 04:46:24 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7BD4B15378DA488B8CD51EED275447D4 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ru-ru_1621132ab35d86ec\winlogon.exe.mui
[2010/11/20 04:46:32 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=B11892C84B25EAD09065E948C509A63E -- C:\Windows\System32\pt-PT\winlogon.exe.mui
[2010/11/20 04:46:32 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=B11892C84B25EAD09065E948C509A63E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pt-pt_cf7e0166ce7bf8c0\winlogon.exe.mui
[2010/11/20 04:33:56 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=B32EA0DCF202619AA9670D2ED72F22FA -- C:\Windows\System32\bg-BG\winlogon.exe.mui
[2010/11/20 04:33:56 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=B32EA0DCF202619AA9670D2ED72F22FA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_bg-bg_dea0397f8dd652bc\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=BB7EE60E5D03373F049EF9716E96BC2E -- C:\Windows\System32\th-TH\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=BB7EE60E5D03373F049EF9716E96BC2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_th-th_57261f529bcb4e88\winlogon.exe.mui
[2010/11/20 04:35:38 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=DD149ED9747AE77AF6220E0BC25AF64F -- C:\Windows\System32\ar-SA\winlogon.exe.mui
[2010/11/20 04:35:38 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=DD149ED9747AE77AF6220E0BC25AF64F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ar-sa_386057f69d560165\winlogon.exe.mui
[2010/11/20 04:40:38 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=FCDB1BB88BFFB01B8744825524F7F41D -- C:\Windows\System32\pl-PL\winlogon.exe.mui
[2010/11/20 04:40:38 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=FCDB1BB88BFFB01B8744825524F7F41D -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pl-pl_cc484756d082f500\winlogon.exe.mui
 
< MD5 for: WINLOGON.MFL  >
[2009/07/13 18:42:28 | 000,001,080 | ---- | M] () MD5=02345C56B022772AA29A6D249CBDDF62 -- C:\Windows\System32\wbem\pt-PT\winlogon.mfl
[2009/07/13 18:42:28 | 000,001,080 | ---- | M] () MD5=02345C56B022772AA29A6D249CBDDF62 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_2b0f3f69ecc5cebb\winlogon.mfl
[2010/11/21 02:38:26 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl
[2010/11/21 02:38:26 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl
[2009/07/13 18:42:46 | 000,001,080 | ---- | M] () MD5=29D2D7CADA55AF5A1AC8B80FC9D75371 -- C:\Windows\System32\wbem\ro-RO\winlogon.mfl
[2009/07/13 18:42:46 | 000,001,080 | ---- | M] () MD5=29D2D7CADA55AF5A1AC8B80FC9D75371 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_6f4a05a1d32c9a17\winlogon.mfl
[2009/07/13 18:51:26 | 000,001,080 | ---- | M] () MD5=43DFDBFDFB7703B4E0E1533766E0C9C7 -- C:\Windows\System32\wbem\pl-PL\winlogon.mfl
[2009/07/13 18:51:26 | 000,001,080 | ---- | M] () MD5=43DFDBFDFB7703B4E0E1533766E0C9C7 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_27d98559eecccafb\winlogon.mfl
[2009/07/13 18:38:44 | 000,001,080 | ---- | M] () MD5=5EA7D2D62B1125D9E9D17AD55F86C1DD -- C:\Windows\System32\wbem\da-DK\winlogon.mfl
[2009/07/13 18:38:44 | 000,001,080 | ---- | M] () MD5=5EA7D2D62B1125D9E9D17AD55F86C1DD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_8274ce448fee00e1\winlogon.mfl
[2009/07/13 18:43:20 | 000,001,080 | ---- | M] () MD5=7692E2CEBFFA255EC64C28299416665F -- C:\Windows\System32\wbem\tr-TR\winlogon.mfl
[2009/07/13 18:43:20 | 000,001,080 | ---- | M] () MD5=7692E2CEBFFA255EC64C28299416665F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_b6ba85e9b78c6933\winlogon.mfl
[2009/07/13 18:51:48 | 000,001,080 | ---- | M] () MD5=A728BE28643DDDCDA8D9A0477A28CB0E -- C:\Windows\System32\wbem\pt-BR\winlogon.mfl
[2009/07/13 18:51:48 | 000,001,080 | ---- | M] () MD5=A728BE28643DDDCDA8D9A0477A28CB0E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_2a2d6ffded565edf\winlogon.mfl
[2009/07/13 18:41:22 | 000,001,080 | ---- | M] () MD5=AC3DB6214BE53F6D948067FDFAEA8467 -- C:\Windows\System32\wbem\ru-RU\winlogon.mfl
[2009/07/13 18:41:22 | 000,001,080 | ---- | M] () MD5=AC3DB6214BE53F6D948067FDFAEA8467 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_71b2512dd1a75ce7\winlogon.mfl
[2009/07/13 18:35:34 | 000,001,080 | ---- | M] () MD5=B992736896EF493AA07E4A9F1E11BE51 -- C:\Windows\System32\wbem\th-TH\winlogon.mfl
[2009/07/13 18:35:34 | 000,001,080 | ---- | M] () MD5=B992736896EF493AA07E4A9F1E11BE51 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_th-th_b2b75d55ba152483\winlogon.mfl
[2009/07/13 18:37:50 | 000,001,080 | ---- | M] () MD5=D3EFBC11EEB056EA49C066DD5ABCF0F2 -- C:\Windows\System32\wbem\ar-SA\winlogon.mfl
[2009/07/13 18:37:50 | 000,001,080 | ---- | M] () MD5=D3EFBC11EEB056EA49C066DD5ABCF0F2 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_93f195f9bb9fd760\winlogon.mfl
[2009/07/13 18:32:36 | 000,001,080 | ---- | M] () MD5=EBFDF32FB385DB23B47F99B5D1841759 -- C:\Windows\System32\wbem\bg-BG\winlogon.mfl
[2009/07/13 18:32:36 | 000,001,080 | ---- | M] () MD5=EBFDF32FB385DB23B47F99B5D1841759 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_3a317782ac2028b7\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2009/07/13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009/07/13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2014/01/21 22:21:58 | 000,054,606 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2014/09/14 03:44:25 | 000,000,748 | ---- | M] () -- C:\console.log
[2014/10/06 02:45:38 | 000,000,009 | ---- | M] () -- C:\END
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 18:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 18:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2012/10/08 01:26:43 | 000,000,876 | ---- | M] () -- C:\Exe.reg
[2014/09/16 18:03:43 | 000,004,238 | ---- | M] () -- C:\GingerSetup.log
[2014/09/16 18:03:43 | 000,029,326 | ---- | M] () -- C:\GingerSetupHelper.log
[2007/11/07 18:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2014/01/14 13:29:56 | 000,001,054 | ---- | M] () -- C:\GSview 4.6.LNK
[2014/10/07 09:18:47 | 2370,592,768 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 18:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 18:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 18:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 18:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 18:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 18:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 18:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 18:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 18:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 18:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2014/10/08 01:49:47 | 402,935,807 | -HS- | M] () -- C:\pagefile.sys
[2013/05/19 22:12:52 | 000,312,273 | ---- | M] () -- C:\Section 1.rar
[2012/11/30 18:19:27 | 000,000,360 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt
[2013/08/03 23:20:15 | 339,909,456 | ---- | M] (Hewlett Packard Company                                     ) -- C:\sp55947.exe
[2013/08/04 21:57:41 | 090,242,800 | ---- | M] (Hewlett Packard                                             ) -- C:\sp56282.exe
[2012/10/22 03:58:25 | 000,001,392 | ---- | M] () -- C:\user.js
[2007/11/07 18:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 18:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 18:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
 
< %systemroot%\Fonts\*.com >
[2009/07/14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009/06/10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 23:29:21 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009/07/14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 62CB-5226
 Directory of C:\
07/14/2009  06:53 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\Program Files (x86)\Evernote
05/05/2011  03:06 AM    <SYMLINKD>     Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/14/2009  06:53 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  06:53 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  06:53 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  06:53 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  06:53 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  06:53 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/14/2009  06:53 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  06:53 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\123321
01/14/2014  10:32 AM    <JUNCTION>     Application Data [C:\Users\123321\AppData\Roaming]
01/14/2014  10:32 AM    <JUNCTION>     Cookies [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Cookies]
01/14/2014  10:32 AM    <JUNCTION>     Local Settings [C:\Users\123321\AppData\Local]
01/14/2014  10:32 AM    <JUNCTION>     My Documents [C:\Users\123321\Documents]
01/14/2014  10:32 AM    <JUNCTION>     NetHood [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/14/2014  10:32 AM    <JUNCTION>     PrintHood [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/14/2014  10:32 AM    <JUNCTION>     Recent [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Recent]
01/14/2014  10:32 AM    <JUNCTION>     SendTo [C:\Users\123321\AppData\Roaming\Microsoft\Windows\SendTo]
01/14/2014  10:32 AM    <JUNCTION>     Start Menu [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Start Menu]
01/14/2014  10:32 AM    <JUNCTION>     Templates [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\123321\AppData\Local
01/14/2014  10:32 AM    <JUNCTION>     Application Data [C:\Users\123321\AppData\Local]
01/14/2014  10:32 AM    <JUNCTION>     History [C:\Users\123321\AppData\Local\Microsoft\Windows\History]
01/14/2014  10:32 AM    <JUNCTION>     Temporary Internet Files [C:\Users\123321\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\123321\Documents
01/14/2014  10:32 AM    <JUNCTION>     My Music [C:\Users\123321\Music]
01/14/2014  10:32 AM    <JUNCTION>     My Pictures [C:\Users\123321\Pictures]
01/14/2014  10:32 AM    <JUNCTION>     My Videos [C:\Users\123321\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/14/2009  06:53 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  06:53 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  06:53 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  06:53 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  06:53 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  06:53 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/14/2009  06:53 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  06:53 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  06:53 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  06:53 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  06:53 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  06:53 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  06:53 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  06:53 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  06:53 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/14/2009  06:53 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  06:53 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  06:53 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/14/2009  06:53 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  06:53 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  06:53 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\MAGMAM
08/02/2013  01:25 PM    <JUNCTION>     Application Data [C:\Users\MAGMAM\AppData\Roaming]
08/02/2013  01:25 PM    <JUNCTION>     Cookies [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Cookies]
08/02/2013  01:25 PM    <JUNCTION>     Local Settings [C:\Users\MAGMAM\AppData\Local]
08/02/2013  01:25 PM    <JUNCTION>     My Documents [C:\Users\MAGMAM\Documents]
08/02/2013  01:25 PM    <JUNCTION>     NetHood [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/02/2013  01:25 PM    <JUNCTION>     PrintHood [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/02/2013  01:25 PM    <JUNCTION>     Recent [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Recent]
08/02/2013  01:25 PM    <JUNCTION>     SendTo [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\SendTo]
08/02/2013  01:25 PM    <JUNCTION>     Start Menu [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu]
08/02/2013  01:25 PM    <JUNCTION>     Templates [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\MAGMAM\AppData\Local
08/02/2013  01:25 PM    <JUNCTION>     Application Data [C:\Users\MAGMAM\AppData\Local]
08/02/2013  01:25 PM    <JUNCTION>     History [C:\Users\MAGMAM\AppData\Local\Microsoft\Windows\History]
08/02/2013  01:25 PM    <JUNCTION>     Temporary Internet Files [C:\Users\MAGMAM\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\bin
02/20/2014  12:35 AM    <SYMLINK>      avr-c++ [avr-g++]
02/20/2014  12:35 AM    <SYMLINK>      avr-gcc-4.3.2 [avr-gcc]
               2 File(s)              0 bytes
 Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\lib
02/20/2014  12:35 AM    <SYMLINK>      libgmp.so.3 [libgmp.so.3.4.4]
02/20/2014  12:35 AM    <SYMLINK>      libmpfr.so.1 [libmpfr.so.1.2.0]
               2 File(s)              0 bytes
 Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\lib\avr\bin
02/20/2014  12:35 AM    <SYMLINK>      ar [..\..\..\bin\avr-ar]
02/20/2014  12:35 AM    <SYMLINK>      as [..\..\..\bin\avr-as]
02/20/2014  12:35 AM    <SYMLINK>      ld [..\..\..\bin\avr-ld]
02/20/2014  12:35 AM    <SYMLINK>      nm [..\..\..\bin\avr-nm]
02/20/2014  12:35 AM    <SYMLINK>      objcopy [..\..\..\bin\avr-objcopy]
02/20/2014  12:35 AM    <SYMLINK>      objdump [..\..\..\bin\avr-objdump]
02/20/2014  12:35 AM    <SYMLINK>      ranlib [..\..\..\bin\avr-ranlib]
02/20/2014  12:35 AM    <SYMLINK>      strip [..\..\..\bin\avr-strip]
               8 File(s)              0 bytes
 Directory of C:\Users\MAGMAM\Documents
08/02/2013  01:25 PM    <JUNCTION>     My Music [C:\Users\MAGMAM\Music]
08/02/2013  01:25 PM    <JUNCTION>     My Pictures [C:\Users\MAGMAM\Pictures]
08/02/2013  01:25 PM    <JUNCTION>     My Videos [C:\Users\MAGMAM\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/14/2009  06:53 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  06:53 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  06:53 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
              12 File(s)              0 bytes
              66 Dir(s)  14,232,317,952 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/08/02 13:27:39 | 000,000,221 | -HS- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/04/28 08:26:49 | 004,485,816 | ---- | M] (AVG Technologies) -- C:\Users\MAGMAM\Desktop\avg_avct_stb_all_2014_4569.exe
[2014/04/28 09:23:59 | 070,658,472 | ---- | M] (AVG) -- C:\Users\MAGMAM\Desktop\avg_tuh_stf_all_2014_380_24c28.exe
[2014/01/21 21:41:33 | 005,172,786 | R--- | M] (Swearware) -- C:\Users\MAGMAM\Desktop\ComboFix.exe
[2014/10/06 04:15:20 | 000,355,328 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:10:17 | 008,052,240 | ---- | M] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/01/22 07:18:10 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\MAGMAM\Desktop\JRT.exe
[2014/01/19 11:30:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MAGMAM\Desktop\OTL.exe
[2014/09/14 01:42:20 | 001,758,592 | ---- | M] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/04/23 21:40:14 | 049,259,608 | ---- | M] (RealNetworks, Inc.) -- C:\Users\MAGMAM\Desktop\realplayercloud.exe
[2014/10/03 08:29:04 | 001,006,592 | ---- | M] (AutomaticSolution Software                                  ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/05/08 14:45:54 | 000,640,792 | ---- | M] () -- C:\Users\MAGMAM\Desktop\safari-browser.exe
[2014/02/17 23:10:43 | 005,855,856 | ---- | M] (TeamViewer GmbH) -- C:\Users\MAGMAM\Desktop\TeamViewer_Setup_ar.exe
[2014/01/27 08:12:53 | 001,307,736 | ---- | M] (BitTorrent Inc.) -- C:\Users\MAGMAM\Desktop\utorrent.exe
[2014/07/23 18:29:23 | 000,441,856 | ---- | M] () -- C:\Users\MAGMAM\Desktop\war of nations gold generator.exe
[2014/02/17 15:43:59 | 026,562,872 | ---- | M] () -- C:\Users\MAGMAM\Desktop\WebcamMax-7.8.1.6.MultiLanguage.Setup.exe
[2014/07/03 06:28:01 | 009,304,408 | ---- | M] (Wargaming.net                                               ) -- C:\Users\MAGMAM\Desktop\WoT_internet_install_eu.exe
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
[2012/11/28 09:42:06 | 000,013,021 | ---- | M] () -- C:\Windows\snp2uvc.src
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-10-01 01:07:58
 
========== Files - Unicode (All) ==========
[2014/07/25 02:22:38 | 020,064,795 | ---- | M] ()(C:\Users\MAGMAM\Documents\Alex D?az.mp4) -- C:\Users\MAGMAM\Documents\Alex Díaz.mp4
[2014/07/23 03:48:43 | 020,064,795 | ---- | C] ()(C:\Users\MAGMAM\Documents\Alex D?az.mp4) -- C:\Users\MAGMAM\Documents\Alex Díaz.mp4
[2014/07/21 14:35:23 | 001,747,888 | ---- | M] ()(C:\Users\MAGMAM\Documents\SA Ward?ga - Korean Samara.mp4) -- C:\Users\MAGMAM\Documents\SA Wardęga - Korean Samara.mp4
[2014/07/21 14:34:02 | 001,747,888 | ---- | C] ()(C:\Users\MAGMAM\Documents\SA Ward?ga - Korean Samara.mp4) -- C:\Users\MAGMAM\Documents\SA Wardęga - Korean Samara.mp4
[2014/07/04 02:51:33 | 003,477,070 | ---- | M] ()(C:\Users\MAGMAM\Documents\??????? TVPool Buffet _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\ทีวีพูล TVPool Buffet _ Facebook.mp4
[2014/07/04 02:48:08 | 003,477,070 | ---- | C] ()(C:\Users\MAGMAM\Documents\??????? TVPool Buffet _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\ทีวีพูล TVPool Buffet _ Facebook.mp4
[2014/06/20 00:34:11 | 004,082,194 | ---- | M] ()(C:\Users\MAGMAM\Documents\???Sonr?e!! Que tengas un buen d?a. - Amigos de los Animales Chihuahua _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\¡¡¡Sonríe!! Que tengas un buen día. - Amigos de los Animales Chihuahua _ Facebook.mp4
[2014/06/20 00:33:35 | 004,082,194 | ---- | C] ()(C:\Users\MAGMAM\Documents\???Sonr?e!! Que tengas un buen d?a. - Amigos de los Animales Chihuahua _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\¡¡¡Sonríe!! Que tengas un buen día. - Amigos de los Animales Chihuahua _ Facebook.mp4
[2014/06/19 02:44:08 | 027,822,915 | ---- | M] ()(C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ♥ _ Facebook.mp4
[2014/06/19 02:39:44 | 027,822,915 | ---- | C] ()(C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ♥ _ Facebook.mp4
[2014/06/17 03:49:10 | 026,224,572 | ---- | M] ()(C:\Users\MAGMAM\Documents\Bedirhan G?kçe - Alk??? Hak Edenler _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Bedirhan Gökçe - Alkışı Hak Edenler _ Facebook.mp4
[2014/06/17 03:45:24 | 026,224,572 | ---- | C] ()(C:\Users\MAGMAM\Documents\Bedirhan G?kçe - Alk??? Hak Edenler _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Bedirhan Gökçe - Alkışı Hak Edenler _ Facebook.mp4
[2014/06/16 17:16:22 | 018,978,704 | ---- | M] ()(C:\Users\MAGMAM\Documents\En iyi uykudan uyand?rma y?ntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\En iyi uykudan uyandırma yöntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4
[2014/06/16 17:13:22 | 018,978,704 | ---- | C] ()(C:\Users\MAGMAM\Documents\En iyi uykudan uyand?rma y?ntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\En iyi uykudan uyandırma yöntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4
[2014/06/15 23:57:24 | 004,159,448 | ---- | M] ()(C:\Users\MAGMAM\Documents\Climatologia Geogr?fica _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Climatologia Geográfica _ Facebook.mp4
[2014/06/15 23:56:40 | 004,159,448 | ---- | C] ()(C:\Users\MAGMAM\Documents\Climatologia Geogr?fica _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Climatologia Geográfica _ Facebook.mp4
[2014/06/13 21:39:26 | 009,422,854 | ---- | M] ()(C:\Users\MAGMAM\Documents\D.A.A.S - El v?deo mas enternecedor del MUNDO!! _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\D.A.A.S - El vídeo mas enternecedor del MUNDO!! _ Facebook.mp4
[2014/06/13 21:34:34 | 009,422,854 | ---- | C] ()(C:\Users\MAGMAM\Documents\D.A.A.S - El v?deo mas enternecedor del MUNDO!! _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\D.A.A.S - El vídeo mas enternecedor del MUNDO!! _ Facebook.mp4
[2014/06/11 09:37:30 | 014,251,930 | ---- | M] ()(C:\Users\MAGMAM\Documents\??????????? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\真愛談戀愛。真愛橋到底 _ Facebook.mp4
[2014/06/11 09:37:21 | 014,251,930 | ---- | C] ()(C:\Users\MAGMAM\Documents\??????????? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\真愛談戀愛。真愛橋到底 _ Facebook.mp4
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:07F6D9E4
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6FE816BE
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CB9FA647
 
< End of report >
 
 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:10:19 am, on 08/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Hotspot Shield\bin\hsscp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Ginger\GingerServices\GingerServices.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MAGMAM\Desktop\HiJackThis.exe
C:\Windows\System32\osk.exe
c:\program files\real\realplayer\RealPlay.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mefeedia.com/mena?v=3.42
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O2 - BHO: Ginger Grammar & Spell Checker - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll (file missing)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: FoxPro - {598AC71E-BE58-3981-B78A-5C138F423AD6} - C:\Users\MAGMAM\AppData\Roaming\VolIE\FoxPro_32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [uTorrent] "C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\osk.exe  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Ginger.lnk = ?
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - (no file)
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files\netcut\services\AIPS.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: GingerUpdateService - Ginger Software - C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: webcamXP Service (wxpSvc) - Moonware Studios - C:\Program Files\webcamXP5\wService.exe
 
--
End of file - 13550 bytes

Attached Files

  • Attached File  DDS.txt   25.61KB   133 downloads

Edited by ComputerEngineer, 07 October 2014 - 09:14 PM.

    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 08 October 2014 - 04:45 PM

:welcome:

 

What are you experiencing to make you think your computer is infected ?

 

uTorrent <-   Keeping using File Sharing like this and you will 100% get infected.  I would like you to go to Programs and Features in the Control Panel and uninstall it

 

 

We are using new and updated scanners now, lets do this

 

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
  •  
    I just want to see the report....Please Do Not Fix Anything
     
    ============================================================================
     
     
     

    Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
  •  


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 09 October 2014 - 12:13 AM

    Thanks,
     
    Actually, it's not me who thinks so, but him: http://forums.whatth...814#entry856362.
     
    Ran by MAGMAM (administrator) on MAGMAM-PC on 09-10-2014 07:32:39
    Running from C:\Users\MAGMAM\Desktop
    Loaded Profile: MAGMAM (Available profiles: MAGMAM & 123321)
    Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Microsoft Corporation) C:\Windows\System32\audiodg.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Arcai.com) C:\Program Files\netcut\services\aips.exe
    (APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Ginger Software) C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
    (Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
    (AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
    () C:\Program Files\Hotspot Shield\bin\hsswd.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
    (Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
    (Arcai.com) C:\Program Files\netcut\netcut.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\ProgramData\MobileBrServ\mbbService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
    () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\HSSCP.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
    (Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
    (APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    () C:\Program Files\WebcamMax\wcmmon.exe
    (BitTorrent Inc.) C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
    (AVM Software Inc.) C:\Program Files\Paltalk Messenger\paltalk.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Ginger Software) C:\Program Files\Ginger\GingerServices\GingerServices.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\osk.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-18] (Renesas Electronics Corporation)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-30] (Synaptics Incorporated)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [MobileBroadband] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [408576 2011-03-29] (Vodafone)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-09-17] (RealNetworks, Inc.)
    HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-09-22] (APN)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3125976 2013-09-23] (Disc Soft Ltd)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [937472 2014-10-07] (Informer Technologies, Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [WebcamMaxAutoRun] => C:\Program Files\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [uTorrent] => C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-03] (BitTorrent Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [SpeedConnectStartUp] => C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [618192 2010-04-21] (CBS Software)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] => C:\Program Files\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk
    ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_3C297780F1D34554B9F292E4DAC788DA.exe (Flexera Software LLC)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
    ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
    ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mefeedia.com/mena?v=3.42
    URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    SearchScopes: HKLM - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...=1029031320&ir=
    SearchScopes: HKLM - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonli...q={searchTerms}
    SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...=1029031320&ir=
    SearchScopes: HKCU - DefaultScope {0001612C-7A4C-413E-AE24-A0533160057F} URL = 
    SearchScopes: HKCU - 5055E17DDD094F28BDB7DB89B6D45BC5 URL = http://search.qvo6.c...X&ts=1376413680
    SearchScopes: HKCU - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonli...q={searchTerms}
    SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...=1029031320&ir=
    SearchScopes: HKCU - {7BF28D31-16C0-443C-8DF8-B8A6ABDBD87D} URL = http://www.mysearchr...q={searchTerms}
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={D9444AAD-89CD-4199-B024-73EC10916BD1}&mid=6bce5ce22d7947d39831b9ea824161c4-df9ce6dce916111b504e34f7134076bab6351bc4&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-21 14:56:29&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKCU - {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = http://search.hotspo...q={searchTerms}
    BHO: Ginger Grammar & Spell Checker -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> C:\Program Files\Ginger\GingerIEAddin\adxloader.dll No File
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO: FoxPro Class -> {598AC71E-BE58-3981-B78A-5C138F423AD6} -> C:\Users\MAGMAM\AppData\Roaming\VolIE\FoxPro_32.dll ()
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 83.136.58.190 62.209.25.155
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default
    FF DefaultSearchEngine: AVG Secure Search
    FF SearchEngineOrder.1: Mysearchdial
    FF SelectedSearchEngine: AVG Secure Search
    FF Homepage: hxxp://www.arabyonline.com/?src=117
    FF Keyword.URL: user_pref("keyword.URL", "");
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
    FF Plugin: @real.com/nppl3260;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll (Ginger Software)
    FF user.js: detected! => C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\user.js
    FF SearchPlugin: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
    FF Extension: Hotspot Shield  - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} [2014-10-06]
    FF Extension: softonic.com - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\ffxtlbra@softonic.com.xpi [2013-12-24]
    FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2013-10-28]
    FF Extension: WinToFlash Suggestor - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
    FF Extension: BonanzaDeals - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-29]
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-17]
    FF HKLM\...\Firefox\Extensions: [chknq@jrkbwgoi.org] - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
    FF HKLM\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com
    FF Extension: Ginger - C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com [2014-07-04]
    FF HKLM\...\Firefox\Extensions: [firefox@gingersoftware.2.0.0.74.com] - C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com
    FF Extension: Ginger - Grammar and Spell Checker - C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com [2014-05-18]
    FF HKLM\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     
    Chrome: 
    =======
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.101\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
    CHR CustomProfile: C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Ask Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2014-09-17]
    CHR Extension: (Google Docs) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]
    CHR Extension: (Google Drive) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
    CHR Extension: (YouTube) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]
    CHR Extension: (Google Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]
    CHR Extension: (Skype Click to Call) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-11]
    CHR Extension: (AVG Secure Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-09-17]
    CHR Extension: (Google Wallet) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
    CHR Extension: (Gmail) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]
    CHR HKLM\...\Chrome\Extension: [cmfpfjjciophcbhnhnpbadhmdmfgceic] - C:\Program Files\DiVapton\cmfpfjjciophcbhnhnpbadhmdmfgceic.crx []
    CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx []
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ========================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
    R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] (APN LLC.)
    R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-11-07] (Intel Corporation)
    R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [654552 2013-09-23] (Disc Soft Ltd)
    R2 GingerUpdateService; C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe [280976 2014-09-09] (Ginger Software)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
    R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
    S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
    R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
    R3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2013-09-18] ()
    R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
    R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-17] (RealNetworks, Inc.)
    S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
    R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1805624 2014-03-31] (AVG)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-03-31] (AVG)
    R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-03-29] (Vodafone) [File not signed]
    S3 wxpSvc; C:\Program Files\webcamXP5\wService.exe [5221184 2013-11-17] (Moonware Studios)
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [68352 2013-08-27] (Baidu, Inc.)
    R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2013-10-15] (Disc Soft Ltd)
    R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-05-17] (AnchorFree Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-09] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
    R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [62336 2010-12-11] (Renesas Electronics Corporation)
    R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-11] (Renesas Electronics Corporation)
    R0 phylock; C:\Windows\System32\drivers\phylock.sys [29232 2013-08-19] (TeraByte, Inc.)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826784 2012-11-28] ()
    S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
    R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
    S3 TBIMount; C:\Windows\System32\drivers\tbimount.sys [414128 2013-12-27] (TeraByte, Inc.)
    R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-02-10] (TuneUp Software)
    R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows ® Win 7 DDK provider)
    R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [195968 2012-01-07] (Jungo)
    R2 XilinxPC4Driver; C:\Windows\System32\drivers\xpc4drvr.sys [16000 2012-01-07] (Xilinx, Inc.) [File not signed]
    S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
    S3 catchme; \??\C:\Users\MAGMAM\AppData\Local\Temp\catchme.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    U3 aswMBR; \??\C:\Users\MAGMAM\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\MAGMAM\AppData\Local\Temp\aswVmm.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-09 07:32 - 2014-10-09 07:33 - 00028815 _____ () C:\Users\MAGMAM\Desktop\FRST.txt
    2014-10-09 07:24 - 2014-10-09 07:32 - 00000000 ____D () C:\FRST
    2014-10-09 06:55 - 2014-10-09 06:55 - 00186152 _____ () C:\Windows\Minidump\100914-56253-01.dmp
    2014-10-09 06:31 - 2014-10-09 06:31 - 01101312 _____ (Farbar) C:\Users\MAGMAM\Desktop\FRST.exe
    2014-10-09 06:27 - 2014-10-09 06:28 - 05185536 _____ (AVAST Software) C:\Users\MAGMAM\Desktop\aswMBR.exe
    2014-10-08 10:02 - 2014-10-08 10:02 - 00000000 ____D () C:\ProgramData\Avg_Update_0614i
    2014-10-08 05:03 - 2014-10-08 05:03 - 00026224 _____ () C:\Users\MAGMAM\Desktop\DDS.txt
    2014-10-08 04:39 - 2014-10-08 04:40 - 00147840 _____ () C:\Windows\Minidump\100814-32885-01.dmp
    2014-10-07 08:52 - 2014-10-07 08:52 - 00000000 ____D () C:\Users\123321\AppData\Local\Avg
    2014-10-06 04:34 - 2014-10-06 21:17 - 00000000 ____D () C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition
    2014-10-06 02:46 - 2014-10-06 02:46 - 00001078 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
    2014-10-06 02:45 - 2014-10-06 02:45 - 00000009 _____ () C:\END
    2014-10-06 02:36 - 2014-05-17 04:33 - 00039624 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
    2014-10-06 02:35 - 2014-10-07 08:29 - 00000000 ____D () C:\ProgramData\Hotspot Shield
    2014-10-06 02:35 - 2014-10-06 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
    2014-10-06 02:34 - 2014-10-06 02:45 - 00000000 ____D () C:\Program Files\Hotspot Shield
    2014-10-06 02:11 - 2014-10-06 02:11 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Hotspot Shield
    2014-10-06 02:09 - 2014-10-06 02:10 - 08052240 _____ () C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
    2014-10-05 22:00 - 2014-10-05 22:00 - 00000000 ____D () C:\Users\123321\AppData\Roaming\Acapela Group
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Roaming\Vodafone
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Roaming\AVG2014
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Local\VirtualStore
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Local\Avg2014
    2014-10-05 20:00 - 2014-10-05 20:01 - 09083136 _____ () C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
    2014-10-03 08:32 - 2014-10-03 08:32 - 00001021 _____ () C:\Users\Public\Desktop\ReMouse Micro.lnk
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\Users\MAGMAM\Documents\AutomaticSolution Software
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\Program Files\ReMouse Micro
    2014-10-03 08:28 - 2014-10-03 08:29 - 01006592 _____ (AutomaticSolution Software ) C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
    2014-10-01 02:20 - 2014-10-01 02:22 - 09303162 _____ () C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
    2014-09-30 21:28 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-09-24 04:47 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-23 06:18 - 2014-09-23 06:20 - 12443664 _____ () C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
    2014-09-20 03:46 - 2014-09-30 23:40 - 00000000 ____D () C:\Users\MAGMAM\Documents\New folder
    2014-09-20 00:47 - 2014-09-20 00:47 - 00002509 _____ () C:\Users\Public\Desktop\Skype.lnk
    2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Skype
    2014-09-19 01:52 - 2014-09-19 01:52 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
    2014-09-19 01:52 - 2014-09-19 01:52 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
    2014-09-17 20:15 - 2014-09-17 20:15 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\RealNetworks
    2014-09-17 20:15 - 2014-09-17 20:15 - 00000000 ____D () C:\Users\MAGMAM\AppData\Local\AskPartnerNetwork
    2014-09-17 20:14 - 2014-09-17 20:14 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
    2014-09-17 20:14 - 2014-09-17 20:14 - 00000000 ____D () C:\ProgramData\APN
    2014-09-17 20:14 - 2014-09-17 20:14 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
    2014-09-17 20:13 - 2014-09-17 20:13 - 00001012 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
    2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\ProgramData\RealNetworks
    2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\Program Files\RealNetworks
    2014-09-17 20:12 - 2014-09-17 20:12 - 00000000 ____D () C:\Program Files\Common Files\xing shared
    2014-09-14 23:28 - 2014-09-14 23:28 - 00000000 ____D () C:\Users\MAGMAM\Documents\My Received Files
    2014-09-14 03:41 - 2014-09-14 03:44 - 00000748 _____ () C:\console.log
    2014-09-14 01:51 - 2014-09-14 01:51 - 00001941 _____ () C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
    2014-09-14 01:51 - 2014-09-14 01:51 - 00001216 _____ () C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
    2014-09-14 01:51 - 2014-09-14 01:51 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
    2014-09-14 01:50 - 2014-09-14 01:51 - 00000000 ____D () C:\Program Files\Paltalk Messenger
    2014-09-14 01:41 - 2014-09-14 01:42 - 01758592 _____ (AVM Software Inc.) C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
    2014-09-12 21:17 - 2014-09-12 22:21 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\ARHome
    2014-09-12 21:17 - 2014-09-12 21:17 - 00004772 _____ () C:\Users\MAGMAM\AppData\Roaming\ext.crx
    2014-09-12 21:17 - 2014-09-12 21:17 - 00003072 _____ () C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
    2014-09-12 21:17 - 2014-09-12 21:17 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\VolIE
    2014-09-12 21:16 - 2014-09-12 21:12 - 08651384 _____ (Bitberry Software ) C:\Users\MAGMAM\Downloads\FinalMediaPlayer2014U1Setup.exe
    2014-09-12 02:35 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-12 02:35 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-12 02:35 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-12 02:35 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-12 02:35 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-12 02:35 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-12 02:35 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-12 02:35 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-12 02:35 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-12 02:35 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-12 02:35 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-12 02:35 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-12 02:35 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-12 02:35 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-12 02:35 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-12 02:35 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-12 02:35 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-12 02:35 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-12 02:35 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-12 02:35 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-12 02:35 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-12 02:35 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-12 02:35 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-12 02:35 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-12 02:35 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-12 02:34 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-12 02:34 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-12 02:34 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-12 02:34 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-12 02:34 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-12 02:32 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-11 15:54 - 2014-09-11 15:54 - 00002292 _____ () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Best VPN Soft Special Offer.lnk
    2014-09-11 15:54 - 2014-09-11 15:54 - 00002268 _____ () C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Program Files\S.P.D
    2014-09-11 04:04 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-11 04:04 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-11 04:01 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-11 04:01 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-11 04:01 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-11 04:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-09 07:33 - 2013-08-02 17:53 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\uTorrent
    2014-10-09 07:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
    2014-10-09 07:23 - 2013-10-25 19:37 - 00000000 ____D () C:\Users\MAGMAM\Desktop\Games and progs
    2014-10-09 07:22 - 2013-10-15 02:49 - 00000000 ____D () C:\Users\MAGMAM\AppData\Local\CrashDumps
    2014-10-09 07:16 - 2013-08-07 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-09 07:09 - 2014-01-25 19:20 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Software Informer
    2014-10-09 07:06 - 2014-05-19 22:53 - 00000000 ____D () C:\Users\MAGMAM\Desktop\others
    2014-10-09 07:03 - 2014-06-13 12:43 - 00000000 ____D () C:\Program Files\netcut
    2014-10-09 07:03 - 2013-08-02 22:52 - 01158070 _____ () C:\Windows\WindowsUpdate.log
    2014-10-09 07:00 - 2013-09-23 15:41 - 00000000 ___RD () C:\Users\MAGMAM\Dropbox
    2014-10-09 07:00 - 2013-09-23 15:36 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Dropbox
    2014-10-09 07:00 - 2013-08-11 18:01 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Skype
    2014-10-09 06:58 - 2014-05-19 09:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-10-09 06:55 - 2014-06-01 12:23 - 00000000 ____D () C:\Windows\Minidump
    2014-10-09 06:55 - 2014-02-23 01:00 - 00020601 _____ () C:\Windows\setupact.log
    2014-10-09 06:55 - 2013-08-03 18:28 - 00000388 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
    2014-10-09 06:55 - 2013-08-02 14:34 - 00000826 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-09 06:55 - 2013-08-02 13:45 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
    2014-10-09 06:55 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-09 06:54 - 2014-03-12 07:42 - 00312678 _____ () C:\Windows\PFRO.log
    2014-10-09 06:54 - 2013-08-03 11:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-10-09 06:44 - 2013-08-02 14:34 - 00000830 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-09 06:29 - 2013-08-02 14:06 - 00000000 ____D () C:\ProgramData\MFAData
    2014-10-09 06:27 - 2014-02-19 23:19 - 00000000 ____D () C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32
    2014-10-08 19:03 - 2014-01-31 03:17 - 00000286 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job
    2014-10-08 17:15 - 2014-01-25 19:20 - 00000000 ____D () C:\Program Files\Software Informer
    2014-10-08 17:15 - 2013-10-15 02:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
    2014-10-07 22:52 - 2013-12-08 17:01 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Notepad++
    2014-10-07 11:13 - 2014-06-28 02:44 - 00000000 ____D () C:\Windows\rescache
    2014-10-07 08:54 - 2014-04-26 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-10-07 08:52 - 2014-04-28 09:27 - 00000000 ____D () C:\Users\MAGMAM\AppData\Local\AVG
    2014-10-07 08:00 - 2013-11-14 15:22 - 00000000 ____D () C:\ProgramData\AVG2014
    2014-10-06 23:37 - 2013-10-17 09:22 - 00000000 ____D () C:\Users\MAGMAM\Documents\FIFA 14
    2014-10-06 02:20 - 2009-07-14 06:34 - 00028768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-06 02:20 - 2009-07-14 06:34 - 00028768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-06 01:52 - 2014-01-16 10:15 - 00000000 ____D () C:\Users\123321\AppData\Local\CrashDumps
    2014-10-05 22:00 - 2014-01-14 10:32 - 00121648 _____ () C:\Users\123321\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-10-05 21:59 - 2014-01-14 10:32 - 00001246 __RSH () C:\Users\123321\ntuser.pol
    2014-10-05 21:59 - 2014-01-14 10:32 - 00000000 ____D () C:\Users\123321
    2014-10-01 22:52 - 2013-08-02 14:44 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-10-01 22:30 - 2013-08-15 20:26 - 00735104 _____ () C:\Windows\system32\perfh015.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00723764 _____ () C:\Windows\system32\prfh0816.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00719346 _____ () C:\Windows\system32\perfh019.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00708626 _____ () C:\Windows\system32\prfh0416.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00156622 _____ () C:\Windows\system32\perfc015.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00153656 _____ () C:\Windows\system32\prfc0816.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00151592 _____ () C:\Windows\system32\perfc019.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00148406 _____ () C:\Windows\system32\prfc0416.dat
    2014-10-01 22:30 - 2013-08-14 19:44 - 00651428 _____ () C:\Windows\system32\perfh01F.dat
    2014-10-01 22:30 - 2013-08-14 19:44 - 00140750 _____ () C:\Windows\system32\perfc01F.dat
    2014-10-01 22:30 - 2010-11-20 23:01 - 07055438 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\th-TH
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ro-RO
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ar-SA
    2014-09-24 05:16 - 2013-08-07 17:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-24 05:16 - 2013-08-07 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-20 11:53 - 2013-08-03 18:28 - 00000000 ____D () C:\Program Files\File Type Assistant
    2014-09-20 00:53 - 2013-09-23 15:41 - 00000982 _____ () C:\Users\MAGMAM\Desktop\Dropbox.lnk
    2014-09-20 00:53 - 2013-09-23 15:37 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-09-20 00:47 - 2013-08-11 18:01 - 00000000 ___RD () C:\Program Files\Skype
    2014-09-20 00:47 - 2013-08-11 18:00 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-20 00:05 - 2009-07-14 06:33 - 00443504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-09-18 02:03 - 2013-08-02 14:03 - 00121648 _____ () C:\Users\MAGMAM\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-09-17 20:13 - 2013-08-02 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
    2014-09-17 20:12 - 2014-01-25 18:26 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
    2014-09-17 20:12 - 2013-08-02 22:53 - 00000000 ____D () C:\Program Files\Real
    2014-09-17 20:12 - 2013-08-02 22:46 - 00000000 ____D () C:\ProgramData\Real
    2014-09-17 20:11 - 2014-01-25 18:25 - 00505416 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
    2014-09-17 20:11 - 2014-01-25 18:25 - 00353864 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
    2014-09-17 20:11 - 2013-08-02 22:54 - 00278600 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
    2014-09-16 18:03 - 2014-05-18 03:46 - 00000000 ____D () C:\Program Files\Ginger
    2014-09-16 18:03 - 2014-05-18 03:40 - 00029326 _____ () C:\GingerSetupHelper.log
    2014-09-16 18:03 - 2014-05-18 03:40 - 00004238 _____ () C:\GingerSetup.log
    2014-09-16 18:01 - 2014-07-04 03:57 - 00002949 _____ () C:\Users\Public\Desktop\Ginger.lnk
    2014-09-16 18:01 - 2014-07-04 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
    2014-09-14 03:50 - 2013-10-22 23:44 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Paltalk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\FinalMediaPlayer.lnk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00001061 _____ () C:\Users\MAGMAM\Desktop\FinalMediaPlayer.lnk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\Program Files\FinalMediaPlayer
    2014-09-12 15:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-12 02:33 - 2013-08-03 11:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-12 02:32 - 2013-08-15 15:10 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-12 02:14 - 2013-08-03 10:57 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-12 02:13 - 2014-05-01 03:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
     
    Some content of TEMP:
    ====================
    C:\Users\MAGMAM\AppData\Local\Temp\conduitinstaller.exe
    C:\Users\MAGMAM\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0badi.dll
    C:\Users\MAGMAM\AppData\Local\Temp\FinalMediaPlayerSetup.exe
    C:\Users\MAGMAM\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\MAGMAM\AppData\Local\Temp\lowproc.exe
    C:\Users\MAGMAM\AppData\Local\Temp\npp.6.6.9.Installer.exe
    C:\Users\MAGMAM\AppData\Local\Temp\stubhelper.dll
    C:\Users\MAGMAM\AppData\Local\Temp\tmpFF01.tmp.exe
    C:\Users\MAGMAM\AppData\Local\Temp\xmlUpdater.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-10-07 07:57
     
    ==================== End Of Log ============================
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-10-2014 01
    Ran by MAGMAM at 2014-10-09 07:34:38
    Running from C:\Users\MAGMAM\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
    FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
    1AVMonitor version 1.8.8.90 (HKLM\...\{B1D0FF50-8C97-45A2-84A7-05E1C05395F8}_is1) (Version: 1.8.8.90 - PCWinSoft Systems)
    Abdio Free MP4 Player (Free) (HKLM\...\Abdio Free MP4 Player (Free)) (Version: Abdio Free MP4 Player - Abdio Free MP4 Player)
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Flash Player ActiveX Free Download Packages (HKCU\...\Adobe Flash Player ActiveX Free Download Packages) (Version:  - ) <==== ATTENTION
    Adobe Flash Player Plugin Free Download Packages (HKCU\...\Adobe Flash Player Plugin Free Download Packages) (Version:  - ) <==== ATTENTION
    AFPL Ghostscript 8.14 (HKLM\...\AFPL Ghostscript 8.14) (Version:  - )
    AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
    Age of Empires Online (HKLM\...\GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}) (Version: 1.0.0000.129 - Microsoft Studios)
    Age of Empires Online (Version: 1.0.0000.129 - Microsoft Studios) Hidden
    Alarabeyes (HKCU\...\ARHome) (Version: 3.0.0.0 - NoVooIT)
    AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{71CBB584-683D-33FC-1CE3-95414DC3B8C9}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arduino (HKLM\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
    AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
    AVG PC TuneUp 2014 (en-US) (Version: 14.0.1001.489 - AVG) Hidden
    AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.392 - AVG)
    AVG PC TuneUp 2014 (Version: 14.0.1001.392 - AVG) Hidden
    Bandicam (HKLM\...\Bandicam) (Version: 1.9.2.455 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
    Battlefield BC2 (HKLM\...\Battlefield BC2_is1) (Version:  - )
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
    C-Free 5.0 Professional (HKLM\...\C-Free 5.0_is1) (Version:  - Program Arts)
    Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
    Cisco Networking Academy curriculum 4.0.0.2 (HKLM\...\Cisco Networking Academy curriculum_is1) (Version:  - Cisco Systems, Inc.)
    Cisco Packet Tracer 6.0 (HKLM\...\Cisco Packet Tracer 6.0_is1) (Version:  - Cisco Systems, Inc.)
    DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 2.0.0.0159 - Disc Soft Ltd)
    Deep Shredder 12 UCI (HKLM\...\{14B6295D-6D03-4635-A17F-76AB10C74EF0}_is1) (Version:  - Stefan Meyer-Kahlen)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
    Digilent Software (HKLM\...\Digilent Software) (Version: 1.0.189 - Digilent, Inc.)
    Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
    Dxtory version 2.0.119 (HKLM\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
    EasyNP2 version 56.2.0.38 (HKLM\...\{45D0CE08-14DE-4F94-AE24-6151BBE6FA90}_is1) (Version: 56.2.0.38 - EasyNP2, Inc.)
    Europa Universalis IV Wealth of Nations (HKLM\...\Europa Universalis IV Wealth of Nations_is1) (Version:  - )
    F3_ActiveX_1.0.0.1 (HKLM\...\{C61B1BD6-1B74-499B-8CC1-AEB4F7BDD878}_is1) (Version: 1.0.0.1 - )
    ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - FreeCodecPack)
    FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.5.0.0 - Electronic Arts)
    File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: 2014.3.25.0 - ) <==== ATTENTION
    FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
    Final Media Player 2014 (HKLM\...\FinalMediaPlayer_is1) (Version: 2014.08.04.00 - Bitberry Software) <==== ATTENTION
    GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
    Ginger (HKLM\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.5.223 - Ginger Software)
    Ginger (Version: 3.5.223 - Ginger Software) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.0.5.0 - Google Inc.)
    GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
    Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
    GSview 4.6 (HKLM\...\GSview 4.6) (Version:  - )
    Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - FreeCodecPack)
    Hearts of Iron III - Their Finest Hour version 4.02 (HKLM\...\{25D080C2-19A4-427D-A12A-979D674B57F8}}_is1) (Version: 4.02 - Paradox Interactive)
    Hearts of Iron III (HKLM\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version:  - )
    Hotspot Shield 3.42 (HKLM\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
    Hotspot Shield v2.88 Elite Final Full (HKLM\...\Hotspot Shield v2.88 Elite Final Full) (Version: Full - S.P.D.)
    HP Support Solutions Framework (HKLM\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
    Image for Windows 2.87 Trial (HKLM\...\Image for Windows (V2)_is1) (Version:  - TeraByte Unlimited)
    Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    ISO Image Burner 1.1 (HKLM\...\{B2B123D3-E780-4EB0-B540-18F5FCC6EFE9}_is1) (Version:  - ISOImageBurner.com)
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
    Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
    JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
    Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MathType 6 (HKLM\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
    Mawareeth (HKLM\...\ST6UNST #1) (Version:  - )
    Metal Player version 4.0.4.2 (HKLM\...\{EF752F37-DA27-4E1D-8E83-BDF5FBB5E773}_is1) (Version: 4.0.4.2 - Abyssalsoft)
    Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (DAN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (PTG) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
    Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
    Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 Preview - English (HKLM\...\{20150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Rise Of Nations (HKLM\...\RiseOfNations 1.0) (Version:  - Microsoft)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
    Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
    Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
    MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
    Nitro Reader 3 (HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro)
    Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
    Notepad++ Free Download Packages (HKCU\...\Notepad++ Free Download Packages) (Version:  - ) <==== ATTENTION
    Paltalk Messenger  11.4 (HKLM\...\Paltalk Messenger) (Version: 11.4.564.16415 - AVM Software Inc.)
    Password Reveal Pro (HKLM\...\Password Reveal Pro) (Version: 2.0 - Camtech 2000)
    PFConfig 1.0.296 (HKLM\...\PFConfig) (Version: 1.0.296 - Portforward.com)
    Polyglot 3000 (Version 3.74) (HKLM\...\Polyglot 3000_is1) (Version:  - Likasoft)
    RAR Password Recovery 3.1.0.0 (HKLM\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Anypasskey Studio)
    RealDownloader (Version: 17.0.13 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
    RealPlayer Free Download Packages (HKCU\...\RealPlayer Free Download Packages) (Version:  - ) <==== ATTENTION
    Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
    RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    ReMouse Micro (HKLM\...\ReMouse Micro_is1) (Version: Micro V3.5 - AutomaticSolution Software)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
    Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Search App by Ask (HKLM\...\{5245414C-312D-5350-00A7-A758B70C1101}) (Version: 12.17.1.66 - APN, LLC) <==== ATTENTION
    SiRFDemo (HKLM\...\{D8207FF4-0A8C-4D36-9682-36E04AE96C52}) (Version: 3.87 - SiRF Technology, Inc.)
    Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
    Software Informer 1.4.1152.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
    SpeedConnect Internet Accelerator v.8.0 (HKLM\...\SpeedConnect Internet Accelerator v.8.0_is1) (Version:  - CBS Software)
    SpotAuditor 4.8.3 (HKLM\...\SpotAuditor_is1) (Version:  - Nsasoft LLC.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
    TBIView 4.34 - TBIMount 1.12 (HKLM\...\TBIView_is1) (Version:  - TeraByte Unlimited)
    TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
    TeXstudio 2.6.6 (HKLM\...\TeXstudio_is1) (Version: 2.6.6 - Benito van der Zander)
    TornTV (HKLM\...\1ClickDownload) (Version: 2.1 Build 26473 - TornTV.com) <==== ATTENTION
    Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
    UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Visual CertExam Suite (HKLM\...\Visual CertExam Suite_is1) (Version:  - Avanset)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.102.30707 - Vodafone)
    WebcamMax (HKLM\...\WebcamMax) (Version: 7.8.1.6.MultiLanguage - )
    webcamXP 5 (HKLM\...\wLite) (Version: 5.7.3.0 - Moonware Studios)
    Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    WinEdt (HKLM\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team))
    WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
    WinZip Driver Updater (HKLM\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.15384 - WinZip Computing, S.L. (WinZip Computing))
    Wireshark 1.10.7 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, http://www.wireshark.org)
    Wise Game Booster 1.25 (HKLM\...\Wise Game Booster_is1) (Version: 1.25 - WiseCleaner.com, Inc.)
    Wolfram Mathematica 7 for Students (M-WIN-G 7.0.0 1148361) (HKLM\...\M-WIN-G 7.0.0 1148361_is1) (Version: 7.0.0 - Wolfram Research, Inc.)
    Wolfram Notebook Indexer 2.0 (HKLM\...\{C260343B-6282-42A2-939F-1FF7E503F608}) (Version: 2.17.34091 - Wolfram Research)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
    YTD Video Downloader 4.7.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
     
    ==================== Restore Points  =========================
     
    09-10-2014 05:03:40 ##IDS_ERROR_1717##
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 04:04 - 2014-02-22 15:48 - 00000221 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    127.0.0.1 anchorfree.net
    127.0.0.1 rss2search.com
    127.0.0.1 techbrowsing.com
    127.0.0.1 box.anchorfree.net
    127.0.0.1 www.mefeedia.com
    127.0.0.3 www.anchorfree.net
    127.0.0.2 www.mefeedia.com
     
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {00930A1C-91A8-43B1-B153-FA26661FDA09} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-10-07] (Informer Technologies, Inc.)
    Task: {0B8ED058-DDD9-401C-A60B-A1B73CF07462} - System32\Tasks\{F9E8B480-0130-4639-9251-234ADBB6749B} => c:\program files\safari\safari.exe [2012-04-25] (Apple Inc.)
    Task: {0E74DBB0-681B-49F9-9DAC-4D0D1496201E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {10A9A994-0741-4F7A-9404-9AC5ADE96173} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
    Task: {25A72911-7AF1-44AA-B80C-63F445B031E6} - System32\Tasks\ZenSearch\Updater\ZenSearch updater => C:\Program Files\ZenSearch Updater\updater.exe
    Task: {284A8D45-78DD-43B9-87F5-F5B0ED01A7C9} - \5FOFD9B73D6C-2CRMOI6 No Task File <==== ATTENTION
    Task: {32A487DC-4C14-468E-802E-037EDDB070F1} - \ProgramUpdateCheck No Task File <==== ATTENTION
    Task: {35579CCB-C347-4DCD-8AFE-DD0E277EFD32} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
    Task: {38DBE74C-FED8-4588-811E-385F67374930} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files\WinZip Driver Updater\winzipdu.exe [2013-07-11] (WinZip Computing, S.L. (WinZip Computing))
    Task: {45B0FCE3-50C4-487D-B015-E586311BBA15} - System32\Tasks\{1B59953F-7F05-433D-AFE5-9C8CB4FACE76} => C:\Users\MAGMAM\Desktop\CCNA\ccna exploration\Material-explorations\Exploration4_English.exe
    Task: {6BFAF740-2428-4AF2-830C-B0569BC7F13F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {788F288F-664F-4872-9812-68D402BC3B82} - System32\Tasks\Volaro Update => C:\Program Files\Volaro\Updater\Updater.exe <==== ATTENTION
    Task: {792A63FB-28F6-47A8-804A-8828571140ED} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software)
    Task: {8538B6E7-2673-4977-8124-60D53A3B9BCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
    Task: {864A9D0D-800D-4EAC-ABFD-5E1D34312040} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {8B943A65-3E35-42BD-95CD-406FA6FBD9F1} - System32\Tasks\DTReg => C:\Users\MAGMAM\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
    Task: {A22380EA-AB8E-437D-84D3-E2DE195F58F7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E} - \4CEFD9B73D6C-1CRMOI2 No Task File <==== ATTENTION
    Task: {B3FB2531-2C7E-4B89-95F8-B293B9C81367} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-03-31] (AVG)
    Task: {B55C7C44-D769-43FA-9FFB-84734DCE8A77} - System32\Tasks\{6CEB5F5B-1868-4D0B-B451-04E6C7328601} => C:\Users\MAGMAM\Desktop\CCNA\ccna exploration\Material-explorations\Exploration4_English.exe
    Task: {B7D59E5D-2092-45BD-8DB9-09BA073D8F59} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
    Task: {BA11A3C7-01AF-44DF-A43E-1FC2614D7BE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
    Task: {BB81308C-E3B0-4B5F-BB16-C1D9C2DA032E} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-09-17] (RealNetworks, Inc.)
    Task: {BF044A32-0885-43EE-9674-A490CE31CC51} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {C1906E5B-EAA2-445D-A32C-AFE24DCCA3D8} - System32\Tasks\WinZipDriverUpdater_UPDATES => C:\Program Files\WinZip Driver Updater\winzipdu.exe [2013-07-11] (WinZip Computing, S.L. (WinZip Computing))
    Task: {C5F21D01-C598-4720-A0F7-EC3140A1497C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {C6BD5F12-6F14-444B-B3E8-DE8EC07CC652} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
    Task: {D48E5441-8209-481C-AFCB-D2825C0BBEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
    Task: {FE5B67A9-DAC3-4E5B-B12E-4D57B4192CC2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {FF5F4481-109E-4901-8868-C16BBE2E9B04} - System32\Tasks\Games\UpdateCheck_S-1-5-21-357385200-1680055637-319585916-1000
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files\WinZip Driver Updater\winzipdu.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files\Hotspot Shield\bin\af_proxy.dll
    2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files\Hotspot Shield\bin\HssRep.dll
    2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files\Hotspot Shield\bin\hsswd.exe
    2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
    2014-06-13 12:43 - 2006-09-21 13:59 - 00389120 _____ () C:\Windows\system32\actskn43.ocx
    2013-09-18 00:54 - 2013-09-18 00:54 - 00230240 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
    2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    2014-07-10 09:04 - 2014-09-17 20:11 - 00864856 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll
    2014-03-31 13:21 - 2014-03-31 13:21 - 00568120 _____ () C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll
    2012-12-14 02:02 - 2012-12-14 02:02 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
    2011-07-17 06:56 - 2011-07-17 06:56 - 01038848 _____ () C:\Program Files\WebcamMax\wcmmon.exe
    2014-09-14 01:50 - 2014-02-21 00:11 - 38713856 _____ () C:\Program Files\Paltalk Messenger\libcef.dll
    2014-08-13 18:25 - 2014-08-13 18:25 - 00042064 _____ () C:\Program Files\Paltalk Messenger\ctrlkey.dll
    2014-09-14 01:50 - 2014-06-24 17:58 - 02219520 _____ () C:\Program Files\Paltalk Messenger\Images.dll
    2014-10-01 22:52 - 2014-10-01 07:54 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
    2014-10-01 22:52 - 2014-10-01 07:54 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libegl.dll
    2014-10-01 22:52 - 2014-10-01 07:54 - 08911176 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll
    2014-10-01 22:52 - 2014-10-01 07:54 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
    2014-10-01 22:52 - 2014-10-01 07:54 - 14891848 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
    AlternateDataStreams: C:\ProgramData\TEMP:6FE816BE
    AlternateDataStreams: C:\ProgramData\TEMP:CB9FA647
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    123321 (S-1-5-21-357385200-1680055637-319585916-1001 - Administrator - Enabled) => C:\Users\123321
    Administrator (S-1-5-21-357385200-1680055637-319585916-500 - Administrator - Disabled)
    Guest (S-1-5-21-357385200-1680055637-319585916-501 - Limited - Disabled)
    MAGMAM (S-1-5-21-357385200-1680055637-319585916-1000 - Administrator - Enabled) => C:\Users\MAGMAM
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Generic Bluetooth Adapter
    Description: Generic Bluetooth Adapter
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: GenericAdapter
    Service: BTHUSB
    Problem: : Windows has stopped this device because it has reported problems. (Code 43)
    Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
     
    Name: HP Integrated Bluetooth module
    Description: HP Integrated Bluetooth module
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: HP
    Service: BTHUSB
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (10/09/2014 07:20:16 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: aswMBR.exe, version: 1.0.1.2041, time stamp: 0x539e8df7
    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
    Exception code: 0xc0000005
    Fault offset: 0x00052d37
    Faulting process id: 0x1c40
    Faulting application start time: 0xaswMBR.exe0
    Faulting application path: aswMBR.exe1
    Faulting module path: aswMBR.exe2
    Report Id: aswMBR.exe3
     
    Error: (10/09/2014 06:58:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/09/2014 06:57:37 AM) (Source: VmbService) (EventID: 0) (User: )
    Description: conflictManagerTypeValue
     
    Error: (10/09/2014 06:56:11 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: winzipdu.exe, version: 1.0.648.15384, time stamp: 0x51deacec
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000
    Faulting process id: 0xd40
    Faulting application start time: 0xwinzipdu.exe0
    Faulting application path: winzipdu.exe1
    Faulting module path: winzipdu.exe2
    Report Id: winzipdu.exe3
     
    Error: (10/09/2014 06:55:27 AM) (Source: Winlogon) (EventID: 4103) (User: )
    Description: Windows license activation failed. Error 0x80070005.
     
    Error: (10/09/2014 05:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: eu4.exe, version: 1.0.0.0, time stamp: 0x5386f553
    Faulting module name: eu4.exe, version: 1.0.0.0, time stamp: 0x5386f553
    Exception code: 0xc0000005
    Fault offset: 0x00415636
    Faulting process id: 0x36e8
    Faulting application start time: 0xeu4.exe0
    Faulting application path: eu4.exe1
    Faulting module path: eu4.exe2
    Report Id: eu4.exe3
     
    Error: (10/09/2014 00:43:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
    Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (10/09/2014 00:00:21 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
    Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (10/08/2014 11:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: eu4.exe, version: 1.0.0.0, time stamp: 0x5386f553
    Faulting module name: eu4.exe, version: 1.0.0.0, time stamp: 0x5386f553
    Exception code: 0xc0000005
    Fault offset: 0x00415636
    Faulting process id: 0x2578
    Faulting application start time: 0xeu4.exe0
    Faulting application path: eu4.exe1
    Faulting module path: eu4.exe2
    Report Id: eu4.exe3
     
    Error: (10/08/2014 09:59:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7161195
     
     
    System errors:
    =============
    Error: (10/09/2014 07:00:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Intel® Rapid Storage Technology service failed to start due to the following error: 
    %%1053
     
    Error: (10/09/2014 07:00:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.
     
    Error: (10/09/2014 06:56:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the RealPlayer Update Service service to connect.
     
    Error: (10/09/2014 06:56:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
     
    Error: (10/09/2014 06:54:36 AM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
     
    Error: (10/09/2014 06:55:05 AM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: 0x0000000a (0x7ff7e124, 0x000000ff, 0x00000000, 0x82e36b99)C:\Windows\MEMORY.DMP100914-56253-01
     
    Error: (10/09/2014 06:55:03 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 06:53:14 ص on 10/079/2014 was unexpected.
     
    Error: (10/08/2014 10:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Arp Intelligent Protection Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (10/08/2014 05:59:03 PM) (Source: DCOM) (EventID: 10001) (User: )
    Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
     
    Error: (10/08/2014 02:20:46 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/09/2014 07:20:16 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: aswMBR.exe1.0.1.2041539e8df7ntdll.dll6.1.7601.18247521ea91cc000000500052d371c4001cfe37ec94b99e6C:\Users\MAGMAM\Desktop\aswMBR.exeC:\Windows\SYSTEM32\ntdll.dllf37b9e67-4f73-11e4-9e44-6431509e6a3f
     
    Error: (10/09/2014 06:58:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/09/2014 06:57:37 AM) (Source: VmbService) (EventID: 0) (User: )
    Description: conflictManagerTypeValue
     
    Error: (10/09/2014 06:56:11 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: winzipdu.exe1.0.648.1538451deacecunknown0.0.0.000000000c000000500000000d4001cfe37d45bdb47cC:\Program Files\WinZip Driver Updater\winzipdu.exeunknown965b8626-4f70-11e4-9e44-6431509e6a3f
     
    Error: (10/09/2014 06:55:27 AM) (Source: Winlogon) (EventID: 4103) (User: )
    Description: 0x800700050x00000000
     
    Error: (10/09/2014 05:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: eu4.exe1.0.0.05386f553eu4.exe1.0.0.05386f553c00000050041563636e801cfe37071f9d929C:\Program Files\Europa Universalis IV Wealth of Nations\eu4.exeC:\Program Files\Europa Universalis IV Wealth of Nations\eu4.exe90b7a171-4f68-11e4-9d34-6431509e6a3f
     
    Error: (10/09/2014 00:43:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition\FIFA 15 Ultimate Team Edition\fifa15.exe
     
    Error: (10/09/2014 00:00:21 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition\FIFA 15 Ultimate Team Edition\fifa15.exe
     
    Error: (10/08/2014 11:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: eu4.exe1.0.0.05386f553eu4.exe1.0.0.05386f553c000000500415636257801cfe2d6571ae8e5C:\Program Files\Europa Universalis IV Wealth of Nations\eu4.exeC:\Program Files\Europa Universalis IV Wealth of Nations\eu4.exea5c6771e-4f35-11e4-9d34-6431509e6a3f
     
    Error: (10/08/2014 09:59:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7161195
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
    Percentage of memory in use: 89%
    Total physical RAM: 3014.37 MB
    Available physical RAM: 323.61 MB
    Total Pagefile: 6027.02 MB
    Available Pagefile: 2562.39 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1887.28 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:275.89 GB) (Free:14.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:16.9 GB) (Free:0.1 GB) NTFS
    Drive e: (HP_TOOLS) (Fixed) (Total:5 GB) (Free:0.18 GB) NTFS
    Drive g: (Europa Universal) (CDROM) (Total:1.33 GB) (Free:0 GB) CDFS
    Drive i: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive j: (TW_ROME_II) (CDROM) (Total:9.47 GB) (Free:0 GB) CDFS
    Drive k: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
    Drive l: (GTA IV Disc 2) (CDROM) (Total:6.81 GB) (Free:0 GB) UDF
    Drive m: (20130605_1740) (CDROM) (Total:5.66 GB) (Free:0 GB) CDFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4166D6A8)
    Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=5 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ==========================


    #4 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 09 October 2014 - 12:15 AM

    I might be posting 2 posts instead of one from now on, cuz it's really difficult for me to type on my laptop for now. Just wanted to say that I will uninstall my torrent but I'm downloading a big file right now and I already exceeded 80% of it, so, I'll uninstall it right after the file is Downloaded. Also, I don't know why your first program got problems with my laptop, the first time I used it, after scanning for some time, it turned my screen blue then restarted my laptop. The second time I tried it, it kept scanning for a longer time, then suddenly the avast was closed, and therefore, program closed, do I need to close my Antivirus before using that program ?!.

    Edited by ComputerEngineer, 09 October 2014 - 12:27 AM.


    #5 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 09 October 2014 - 04:05 AM

    Morning

     

    Sometimes running aswMBR will bluescreen, could be your Anti Virus, I am looking at AVG Running

    http://www.bleepingc...lware-programs/

     

     

    I see a lot of junk installed as far as bogus toolbars and search engines

     

    Did you set this proxy ?

    ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #6 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 09 October 2014 - 05:09 PM

    Good Afternoon,

    I disabled both AVG and my anti-malware and tried twice and Avast still aborted..

    No, I never did, and I don't usually use proxy.

    #7 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 09 October 2014 - 05:59 PM

    Thats fine, we can worry about running aswMBR a bit later, lets clean you up, run this in order listed please

     

     

    Download MiniToolBox and save it to your desktop,  right click on it and select RUN AS ADMINISTRATOR
     
    Checkmark the following boxes:
    •  
    • Flush DNS 
    • Reset IE Proxy Settings 
     
     
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
     
     
     
     
    ======================================================================
     
     
     

     
    -AdwCleaner-by Xplode
     
    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
     
    Do not click on any links in the top Advertisment.
     
    •  
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
     
     
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    •  
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
     
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
    •  
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
     
     
    MBAMDashboard_zpsddef9b5f.gif
     
    •  
    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • When the scan is finished and the log pops up...select Copy to Clipboard
    • Please paste the log back into this thread for review
    • Exit Malwarebytes
     
     

     



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #8 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 09 October 2014 - 08:20 PM

    MiniToolBox by Farbar  Version: 21-07-2014
    Ran by MAGMAM (administrator) on 10-10-2014 at 02:51:47
    Running from "C:\Users\MAGMAM\Desktop"
    Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    **** End of log ****
     
     
    # AdwCleaner v3.017 - Report created 10/10/2014 at 03:00:35
    # Updated 12/01/2014 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Username : MAGMAM - MAGMAM-PC
    # Running from : C:\Users\MAGMAM\Desktop\Games and progs\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
    Service Deleted : hshld
    [#] Service Deleted : hsstrayservice
    Service Deleted : hsswd
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
    Folder Deleted : C:\ProgramData\AVG Security Toolbar
    Folder Deleted : C:\ProgramData\hotspot shield
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
    Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
    Folder Deleted : C:\Program Files\GreenTree Applications
    Folder Deleted : C:\Program Files\hotspot shield
    Folder Deleted : C:\Program Files\MyPC Backup
    Folder Deleted : C:\Program Files\SimilarSites
    Folder Deleted : C:\Program Files\TornTV.com
    Folder Deleted : C:\Windows\system32\hotspot shield
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\filetypeassistant
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\genienext
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\Mobogenie
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\SwvUpdater
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\vghd
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\Temp\apn
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\Temp\hotspot shield
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\Temp\CT1561552
    Folder Deleted : C:\Users\MAGMAM\AppData\LocalLow\Mysearchdial
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\DefaultTab
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\hotspot shield
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\thinstall
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
    Folder Deleted : C:\Users\MAGMAM\Documents\Mobogenie
    Folder Deleted : C:\Users\123321\AppData\Local\Temp\apn
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\CT1561552
    Folder Deleted : C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
    Folder Deleted : C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    File Deleted : C:\END
    File Deleted : C:\Users\MAGMAM\Desktop\TornTV.lnk
    File Deleted : C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\invalidprefs.js
    File Deleted : C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\user.js
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\anchorfree
    Key Deleted : HKCU\Software\FLEXnet
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\SoftonicToolbar
    Key Deleted : HKCU\Software\UpdateStar
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKLM\Software\Default Tab
    Key Deleted : HKLM\Software\DefaultTab
    Key Deleted : HKLM\Software\hotspotshield
    Key Deleted : HKLM\Software\InstallCore
    Key Deleted : HKLM\Software\mysearchdial
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17280
     
     
    -\\ Mozilla Firefox v27.0.1 (en-US)
     
    [ File : C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\prefs.js ]
     
    Line Deleted : user_pref("CT1561552.FF19Solved", "true");
    Line Deleted : user_pref("CT1561552.UserID", "UN72445566723117303");
    Line Deleted : user_pref("CT1561552.dum", "2");
    Line Deleted : user_pref("CT1561552.fullUserID", "UN72445566723117303.IN.20141006024806");
    Line Deleted : user_pref("CT1561552.installDate", "06/10/2014 02:48:16");
    Line Deleted : user_pref("CT1561552.installSessionId", "-1");
    Line Deleted : user_pref("CT1561552.installSp", "FALSE");
    Line Deleted : user_pref("CT1561552.installerVersion", "1.11.0.11");
    Line Deleted : user_pref("CT1561552.searchRevert", "false");
    Line Deleted : user_pref("CT1561552.searchUninstallUserMode", "4");
    Line Deleted : user_pref("CT1561552.searchUserMode", "4");
    Line Deleted : user_pref("CT1561552.toolbarInstallDate", "06-10-2014 02:48:09");
    Line Deleted : user_pref("CT1561552.versionFromInstaller", "10.34.0.3");
    Line Deleted : user_pref("CT1561552.xpeMode", "1");
    Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");
    Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
    Line Deleted : user_pref("extensions.Softonic.cntry", "BH");
    Line Deleted : user_pref("extensions.Softonic.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,182856413[...]
    Line Deleted : user_pref("extensions.Softonic.hdrMd5", "");
    Line Deleted : user_pref("extensions.Softonic.lastB", "hxxp://mysearch.avg.com?cid={D9444AAD-89CD-4199-B024-73EC10916BD1}&mid=6bce5ce22d7947d39831b9ea824161c4-df9ce6dce916111b504e34f7134076bab6351bc4&lang=en&ds=AVG&[...]
    Line Deleted : user_pref("extensions.Softonic.lastVrsnTs", "");
    Line Deleted : user_pref("extensions.Softonic.pnu_base", "{\"newVrsn\":\"231\",\"lastVrsn\":\"231\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
    Line Deleted : user_pref("extensions.Softonic.sg", "{smplGrp}");
    Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbra%40softonic.com:1.6.0,%7B285ACFBB-8E53-4feb-90E6-F02A128927F3%7D:1.2.6,%7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.2,%7B972ce4c6-7e08-4474-a285-3208198c[...]
     
    -\\ Google Chrome v39.0.2171.13
     
    [ File : C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     
     
    [ File : C:\Users\123321\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     
     
    *************************
     
    AdwCleaner[R0].txt - [30928 octets] - [22/01/2014 07:41:31]
    AdwCleaner[R1].txt - [8901 octets] - [10/10/2014 02:58:56]
    AdwCleaner[S0].txt - [24217 octets] - [22/01/2014 07:47:16]
    AdwCleaner[S1].txt - [9100 octets] - [10/10/2014 03:00:35]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9160 octets] ##########
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.3.2 (10.09.2014:1)
    OS: Windows 7 Ultimate x86
    Ran by MAGMAM on Fri 10/10/2014 at  3:17:51.00
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\software informer
     
     
     
    ~~~ Registry Keys
     
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update rightsurf
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util rightsurf
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateRightSurf_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateRightSurf_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilRightSurf_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilRightSurf_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7BF28D31-16C0-443C-8DF8-B8A6ABDBD87D}
     
     
     
    ~~~ Files
     
    Successfully deleted: [File] C:\Windows\System32\Tasks\YourFile DownloaderUpdate
    Successfully deleted: [File] "C:\Users\MAGMAM\appdata\local\google\chrome\user data\default\local storage\http_search.softonic.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\MAGMAM\appdata\local\google\chrome\user data\default\local storage\http_search.softonic.com_0.localstorage-journal"
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
    Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
    Successfully deleted: [Folder] "C:\Users\MAGMAM\AppData\Roaming\software informer"
    Successfully deleted: [Folder] "C:\Users\MAGMAM\appdata\locallow\sitefinder"
    Successfully deleted: [Folder] "C:\Program Files\software informer"
    Successfully deleted: [Folder] "C:\Program Files\wisen wizard"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
     
     
     
    ~~~ Chrome
     
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
    Successfully deleted: [Folder] C:\Users\MAGMAM\appdata\local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 10/10/2014 at  3:24:06.70
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 10/10/2014
    Scan Time: 03:33:46 am
    Logfile: 
    Administrator: Yes
     
    Version: 2.00.2.1012
    Malware Database: v2014.10.10.01
    Rootkit Database: v2014.10.08.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: MAGMAM
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 350417
    Time Elapsed: 35 min, 8 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 15
    PUP.Optional.Alnaddy.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}, Quarantined, [13f60310d8a4bc7ad3fd1abbf1114ab6], 
    PUP.Optional.Alnaddy.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{756D1D40-E491-4E1D-9BC6-5B37CEDE646E}, Quarantined, [13f60310d8a4bc7ad3fd1abbf1114ab6], 
    PUP.Optional.Vonteera.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{437B9306-2FDE-4054-A3C9-6B49507C12D0}, Quarantined, [be4b2ce71963df577f20597cec16a15f], 
    PUP.Optional.StartPage.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{598AC71E-BE58-3981-B78A-5C138F423AD6}, Quarantined, [7a8f0d0616663afc613d95402ed49a66], 
    PUP.Optional.StartPage.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{598AC71E-BE58-3981-B78A-5C138F423AD6}, Quarantined, [7a8f0d0616663afc613d95402ed49a66], 
    PUP.Optional.StartPage.A, HKU\S-1-5-21-357385200-1680055637-319585916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{598AC71E-BE58-3981-B78A-5C138F423AD6}, Quarantined, [7a8f0d0616663afc613d95402ed49a66], 
    PUP.Optional.Volaro.A, HKLM\SOFTWARE\Volaro Updater, Quarantined, [e722080ba3d9d2647836aad364a05da3], 
    PUP.Optional.Vonteera.A, HKLM\SOFTWARE\Vonteera, Quarantined, [25e4ae65c1bb7cba08a391ec2cd853ad], 
    PUP.Optional.Vonteera.A, HKLM\SOFTWARE\CLASSES\APPID\Vonteera.DLL, Quarantined, [7b8e64af9fddb77fd7a852c8a36028d8], 
    PUP.Optional.DiVapton.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cmfpfjjciophcbhnhnpbadhmdmfgceic, Quarantined, [b950957e95e721151ff4d84f4bb854ac], 
    PUP.Optional.NoVooIT.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NoVooIT, Quarantined, [907968ab8bf11a1cb0ca75a515ee32ce], 
    PUP.Optional.Volaro.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Volaro, Quarantined, [f0197b98403c9f97ddd2a8d50202d927], 
    PUP.Optional.Vonteera.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vonteera, Quarantined, [b8519a79a1db2115802c7d00f2121de3], 
    PUP.Optional.Vonteera.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vonteera Safe ads, Quarantined, [3acfa86b324a6acc0f6f63b7d132867a], 
    PUP.Optional.SuperFish.A, HKU\S-1-5-21-357385200-1680055637-319585916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [16f345ce7dffa88ec5f23de814efb34d], 
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 4
    PUP.Optional.SqueakyChocolate.A, C:\Program Files\SqueakyChocolate, Quarantined, [7693868d205cb383a9f3c7409172b947], 
    PUP.Optional.ARHome.A, C:\Users\MAGMAM\AppData\Roaming\ARHome, Quarantined, [48c1c251abd1d75f864b91769a696799], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant\temp, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
     
    Files: 12
    PUP.Optional.Amonetize.A, C:\$RECYCLE.BIN\S-1-5-21-357385200-1680055637-319585916-1000\$RKXKJGD.exe, Quarantined, [4fba20f32f4d6bcb86093efe7e82bc44], 
    PUP.Optional.Ext, C:\Users\MAGMAM\AppData\Roaming\ext.crx, Quarantined, [0efb9281512b0c2a52e5d14971922cd4], 
    PUP.Optional.SmileysWeLove.A, C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi, Quarantined, [8089b063a8d4c96da3c962c64eb52bd5], 
    PUP.Optional.Softonic.A, C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\ffxtlbra@softonic.com.xpi, Quarantined, [21e8ba596616b185fdb03d3f0202cb35], 
    PUP.Optional.Vonteera.A, C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfhbklndhffnahdploecdffbedhgjnce_0.localstorage, Quarantined, [31d838db007cbe78e5cba8d5df2526da], 
    PUP.Optional.Conduit.A, C:\Users\MAGMAM\AppData\Local\Temp\conduitinstaller.exe, Quarantined, [18f151c22c50231378e15a25d13328d8], 
    PUP.Optional.ARHome.A, C:\Users\MAGMAM\AppData\Roaming\ARHome\uninstall.exe, Quarantined, [48c1c251abd1d75f864b91769a696799], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant\tsassist.id, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant\tsassist.pci, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant\unins000.dat, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
    PUP.Optional.FileTypeAssistant, C:\Program Files\File Type Assistant\unins000.msg, Quarantined, [3acf8e85dd9f8fa79966c2473ac960a0], 
    PUP.Optional.ArabyOnline.A, C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.arabyonline.com/?src=117");), Replaced,[6e9b93800775d660629be26cdf267c84]
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    #9 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 10 October 2014 - 12:50 AM

    Good, lots of junk removed.  Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both new logs please and lets see if there is anything else to remove



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #10 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 10 October 2014 - 01:47 PM

    .Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01

    Ran by MAGMAM (administrator) on MAGMAM-PC on 10-10-2014 22:02:15
    Running from C:\Users\MAGMAM\Desktop
    Loaded Profile: MAGMAM (Available profiles: MAGMAM & 123321)
    Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Microsoft Corporation) C:\Windows\System32\audiodg.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Ginger Software) C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
    (Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
    () C:\ProgramData\MobileBrServ\mbbService.exe
    (Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
    () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
    (Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    () C:\Program Files\WebcamMax\wcmmon.exe
    (BitTorrent Inc.) C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
    (Ginger Software) C:\Program Files\Ginger\GingerServices\GingerServices.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
    (Microsoft Corporation) C:\Windows\System32\osk.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-18] (Renesas Electronics Corporation)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-30] (Synaptics Incorporated)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [MobileBroadband] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [408576 2011-03-29] (Vodafone)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-09-17] (RealNetworks, Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3125976 2013-09-23] (Disc Soft Ltd)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [WebcamMaxAutoRun] => C:\Program Files\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [uTorrent] => C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-03] (BitTorrent Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [SpeedConnectStartUp] => C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe [618192 2010-04-21] (CBS Software)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-10-07] (Google Inc.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk
    ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_3C297780F1D34554B9F292E4DAC788DA.exe (Flexera Software LLC)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
    ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
    ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mefeedia.com/mena?v=3.42
    URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - 5055E17DDD094F28BDB7DB89B6D45BC5 URL = http://search.qvo6.c...X&ts=1376413680
    BHO: Ginger Grammar & Spell Checker -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> C:\Program Files\Ginger\GingerIEAddin\adxloader.dll No File
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 83.136.58.190 62.209.25.155
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default
    FF Keyword.URL: user_pref("keyword.URL", "");
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
    FF Plugin: @real.com/nppl3260;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll (Ginger Software)
    FF SearchPlugin: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
    FF Extension: WinToFlash Suggestor - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
    FF Extension: BonanzaDeals - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-29]
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-17]
    FF HKLM\...\Firefox\Extensions: [chknq@jrkbwgoi.org] - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
    FF HKLM\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com
    FF Extension: Ginger - C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com [2014-07-04]
    FF HKLM\...\Firefox\Extensions: [firefox@gingersoftware.2.0.0.74.com] - C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com
    FF Extension: Ginger - Grammar and Spell Checker - C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com [2014-05-18]
    FF HKLM\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: No Name - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\ffxtlbra@softonic.com.xpi [Not Found]
    FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     
    Chrome: 
    =======
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.13\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.13\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.13\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
    CHR CustomProfile: C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Ask Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2014-09-17]
    CHR Extension: (Google Docs) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]
    CHR Extension: (Google Drive) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
    CHR Extension: (YouTube) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]
    CHR Extension: (Google Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]
    CHR Extension: (Skype Click to Call) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-11]
    CHR Extension: (AVG Secure Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-10-10]
    CHR Extension: (Google Wallet) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
    CHR Extension: (Gmail) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
     
    ========================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
    R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
    R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-11-07] (Intel Corporation)
    R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [654552 2013-09-23] (Disc Soft Ltd)
    R2 GingerUpdateService; C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe [280976 2014-09-09] (Ginger Software)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
    R3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2013-09-18] ()
    R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
    S2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-17] (RealNetworks, Inc.)
    R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
    R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1805624 2014-03-31] (AVG)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-03-31] (AVG)
    R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-03-29] (Vodafone) [File not signed]
    S3 wxpSvc; C:\Program Files\webcamXP5\wService.exe [5221184 2013-11-17] (Moonware Studios)
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [68352 2013-08-27] (Baidu, Inc.)
    R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2013-10-15] (Disc Soft Ltd)
    R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2014-05-17] (AnchorFree Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-10] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
    R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [62336 2010-12-11] (Renesas Electronics Corporation)
    R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-11] (Renesas Electronics Corporation)
    R0 phylock; C:\Windows\System32\drivers\phylock.sys [29232 2013-08-19] (TeraByte, Inc.)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826784 2012-11-28] ()
    S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
    R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
    S3 TBIMount; C:\Windows\System32\drivers\tbimount.sys [414128 2013-12-27] (TeraByte, Inc.)
    R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-02-10] (TuneUp Software)
    R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows ® Win 7 DDK provider)
    R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [195968 2012-01-07] (Jungo)
    R2 XilinxPC4Driver; C:\Windows\System32\drivers\xpc4drvr.sys [16000 2012-01-07] (Xilinx, Inc.) [File not signed]
    S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
    S3 catchme; \??\C:\Users\MAGMAM\AppData\Local\Temp\catchme.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    U3 aswMBR; \??\C:\Users\MAGMAM\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\MAGMAM\AppData\Local\Temp\aswVmm.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-10 06:20 - 2014-10-10 06:20 - 00000427 _____ () C:\Users\MAGMAM\Desktop\aa.txt
    2014-10-10 03:24 - 2014-10-10 03:24 - 00002777 _____ () C:\Users\MAGMAM\Desktop\JRT.txt
    2014-10-10 03:15 - 2014-10-09 11:46 - 01705755 _____ (Thisisu) C:\Users\MAGMAM\Desktop\JRT_NEW.exe
    2014-10-10 02:51 - 2014-10-10 02:51 - 00000528 _____ () C:\Users\MAGMAM\Desktop\Result.txt
    2014-10-10 02:50 - 2014-10-10 02:50 - 00401920 _____ (Farbar) C:\Users\MAGMAM\Desktop\MiniToolBox.exe
    2014-10-09 07:34 - 2014-10-09 07:51 - 00043266 _____ () C:\Users\MAGMAM\Desktop\Addition.txt
    2014-10-09 07:32 - 2014-10-10 22:04 - 00024430 _____ () C:\Users\MAGMAM\Desktop\FRST.txt
    2014-10-09 07:24 - 2014-10-10 22:03 - 00000000 ____D () C:\FRST
    2014-10-09 06:55 - 2014-10-09 06:55 - 00186152 _____ () C:\Windows\Minidump\100914-56253-01.dmp
    2014-10-09 06:31 - 2014-10-09 06:31 - 01101312 _____ (Farbar) C:\Users\MAGMAM\Desktop\FRST.exe
    2014-10-09 06:27 - 2014-10-09 06:28 - 05185536 _____ (AVAST Software) C:\Users\MAGMAM\Desktop\aswMBR.exe
    2014-10-08 10:02 - 2014-10-08 10:02 - 00000000 ____D () C:\ProgramData\Avg_Update_0614i
    2014-10-08 05:03 - 2014-10-08 05:03 - 00026224 _____ () C:\Users\MAGMAM\Desktop\DDS.txt
    2014-10-08 04:39 - 2014-10-08 04:40 - 00147840 _____ () C:\Windows\Minidump\100814-32885-01.dmp
    2014-10-07 08:52 - 2014-10-07 08:52 - 00000000 ____D () C:\Users\123321\AppData\Local\Avg
    2014-10-06 04:34 - 2014-10-06 21:17 - 00000000 ____D () C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition
    2014-10-06 02:46 - 2014-10-06 02:46 - 00001078 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
    2014-10-06 02:36 - 2014-05-17 04:33 - 00039624 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
    2014-10-06 02:09 - 2014-10-06 02:10 - 08052240 _____ () C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
    2014-10-05 22:00 - 2014-10-05 22:00 - 00000000 ____D () C:\Users\123321\AppData\Roaming\Acapela Group
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Roaming\Vodafone
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Roaming\AVG2014
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Local\VirtualStore
    2014-10-05 21:59 - 2014-10-05 21:59 - 00000000 ____D () C:\Users\123321\AppData\Local\Avg2014
    2014-10-05 20:00 - 2014-10-05 20:01 - 09083136 _____ () C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
    2014-10-03 08:32 - 2014-10-03 08:32 - 00001021 _____ () C:\Users\Public\Desktop\ReMouse Micro.lnk
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\Users\MAGMAM\Documents\AutomaticSolution Software
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
    2014-10-03 08:32 - 2014-10-03 08:32 - 00000000 ____D () C:\Program Files\ReMouse Micro
    2014-10-03 08:28 - 2014-10-03 08:29 - 01006592 _____ (AutomaticSolution Software ) C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
    2014-10-01 02:20 - 2014-10-01 02:22 - 09303162 _____ () C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
    2014-09-30 21:28 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-09-24 04:47 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-23 06:18 - 2014-09-23 06:20 - 12443664 _____ () C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
    2014-09-20 03:46 - 2014-09-30 23:40 - 00000000 ____D () C:\Users\MAGMAM\Documents\New folder
    2014-09-20 00:47 - 2014-09-20 00:47 - 00002509 _____ () C:\Users\Public\Desktop\Skype.lnk
    2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Skype
    2014-09-19 01:52 - 2014-09-19 01:52 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
    2014-09-19 01:52 - 2014-09-19 01:52 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
    2014-09-17 20:15 - 2014-09-17 20:15 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\RealNetworks
    2014-09-17 20:13 - 2014-09-17 20:13 - 00001012 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
    2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\ProgramData\RealNetworks
    2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\Program Files\RealNetworks
    2014-09-17 20:12 - 2014-09-17 20:12 - 00000000 ____D () C:\Program Files\Common Files\xing shared
    2014-09-14 23:28 - 2014-09-14 23:28 - 00000000 ____D () C:\Users\MAGMAM\Documents\My Received Files
    2014-09-14 03:41 - 2014-09-14 03:44 - 00000748 _____ () C:\console.log
    2014-09-14 01:51 - 2014-09-14 01:51 - 00001941 _____ () C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
    2014-09-14 01:51 - 2014-09-14 01:51 - 00001216 _____ () C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
    2014-09-14 01:51 - 2014-09-14 01:51 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
    2014-09-14 01:50 - 2014-09-14 01:51 - 00000000 ____D () C:\Program Files\Paltalk Messenger
    2014-09-14 01:41 - 2014-09-14 01:42 - 01758592 _____ (AVM Software Inc.) C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
    2014-09-12 21:17 - 2014-09-12 21:17 - 00003072 _____ () C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
    2014-09-12 21:17 - 2014-09-12 21:17 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\VolIE
    2014-09-12 21:16 - 2014-09-12 21:12 - 08651384 _____ (Bitberry Software ) C:\Users\MAGMAM\Downloads\FinalMediaPlayer2014U1Setup.exe
    2014-09-12 02:35 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-12 02:35 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-12 02:35 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-12 02:35 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-12 02:35 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-12 02:35 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-12 02:35 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-12 02:35 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-12 02:35 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-12 02:35 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-12 02:35 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-12 02:35 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-12 02:35 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-12 02:35 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-12 02:35 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-12 02:35 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-12 02:35 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-12 02:35 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-12 02:35 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-12 02:35 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-12 02:35 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-12 02:35 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-12 02:35 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-12 02:35 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-12 02:35 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-12 02:34 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-12 02:34 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-12 02:34 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-12 02:34 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-12 02:34 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-12 02:32 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-11 15:54 - 2014-09-11 15:54 - 00002292 _____ () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Best VPN Soft Special Offer.lnk
    2014-09-11 15:54 - 2014-09-11 15:54 - 00002268 _____ () C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Program Files\S.P.D
    2014-09-11 04:04 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-11 04:04 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-11 04:01 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-11 04:01 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-11 04:01 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-11 04:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-10 22:05 - 2013-08-02 17:53 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\uTorrent
    2014-10-10 21:52 - 2014-05-19 09:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-10-10 21:44 - 2013-08-02 14:34 - 00000830 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-10 21:41 - 2014-05-19 22:53 - 00000000 ____D () C:\Users\MAGMAM\Desktop\others
    2014-10-10 21:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
    2014-10-10 21:27 - 2013-08-02 22:52 - 01245496 _____ () C:\Windows\WindowsUpdate.log
    2014-10-10 21:16 - 2013-08-07 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-10 21:13 - 2013-10-15 02:49 - 00000000 ____D () C:\Users\MAGMAM\AppData\Local\CrashDumps
    2014-10-10 21:08 - 2013-08-02 14:34 - 00000826 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-10 21:05 - 2013-08-02 14:06 - 00000000 ____D () C:\ProgramData\MFAData
    2014-10-10 20:55 - 2013-08-03 18:28 - 00000388 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
    2014-10-10 04:37 - 2013-09-23 15:41 - 00000000 ___RD () C:\Users\MAGMAM\Dropbox
    2014-10-10 04:37 - 2013-09-23 15:36 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Dropbox
    2014-10-10 04:36 - 2013-08-11 18:01 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Skype
    2014-10-10 04:30 - 2014-03-12 07:42 - 00317120 _____ () C:\Windows\PFRO.log
    2014-10-10 04:30 - 2014-02-23 01:00 - 00020713 _____ () C:\Windows\setupact.log
    2014-10-10 04:30 - 2013-08-02 13:45 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
    2014-10-10 04:30 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-10 03:01 - 2014-01-22 07:30 - 00000000 ____D () C:\AdwCleaner
    2014-10-10 02:58 - 2013-08-03 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vonteera
    2014-10-10 00:29 - 2013-08-02 14:44 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-10-09 07:23 - 2013-10-25 19:37 - 00000000 ____D () C:\Users\MAGMAM\Desktop\Games and progs
    2014-10-09 07:03 - 2014-06-13 12:43 - 00000000 ____D () C:\Program Files\netcut
    2014-10-09 06:55 - 2014-06-01 12:23 - 00000000 ____D () C:\Windows\Minidump
    2014-10-09 06:54 - 2013-08-03 11:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-10-09 06:27 - 2014-02-19 23:19 - 00000000 ____D () C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32
    2014-10-08 19:03 - 2014-01-31 03:17 - 00000286 _____ () C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job
    2014-10-08 17:15 - 2013-10-15 02:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
    2014-10-07 22:52 - 2013-12-08 17:01 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Notepad++
    2014-10-07 11:13 - 2014-06-28 02:44 - 00000000 ____D () C:\Windows\rescache
    2014-10-07 08:54 - 2014-04-26 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-10-07 08:52 - 2014-04-28 09:27 - 00000000 ____D () C:\Users\MAGMAM\AppData\Local\AVG
    2014-10-07 08:00 - 2013-11-14 15:22 - 00000000 ____D () C:\ProgramData\AVG2014
    2014-10-06 23:37 - 2013-10-17 09:22 - 00000000 ____D () C:\Users\MAGMAM\Documents\FIFA 14
    2014-10-06 02:20 - 2009-07-14 06:34 - 00028768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-06 02:20 - 2009-07-14 06:34 - 00028768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-06 01:52 - 2014-01-16 10:15 - 00000000 ____D () C:\Users\123321\AppData\Local\CrashDumps
    2014-10-05 22:00 - 2014-01-14 10:32 - 00121648 _____ () C:\Users\123321\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-10-05 21:59 - 2014-01-14 10:32 - 00001246 __RSH () C:\Users\123321\ntuser.pol
    2014-10-05 21:59 - 2014-01-14 10:32 - 00000000 ____D () C:\Users\123321
    2014-10-01 22:30 - 2013-08-15 20:26 - 00735104 _____ () C:\Windows\system32\perfh015.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00723764 _____ () C:\Windows\system32\prfh0816.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00719346 _____ () C:\Windows\system32\perfh019.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00708626 _____ () C:\Windows\system32\prfh0416.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00156622 _____ () C:\Windows\system32\perfc015.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00153656 _____ () C:\Windows\system32\prfc0816.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00151592 _____ () C:\Windows\system32\perfc019.dat
    2014-10-01 22:30 - 2013-08-15 20:26 - 00148406 _____ () C:\Windows\system32\prfc0416.dat
    2014-10-01 22:30 - 2013-08-14 19:44 - 00651428 _____ () C:\Windows\system32\perfh01F.dat
    2014-10-01 22:30 - 2013-08-14 19:44 - 00140750 _____ () C:\Windows\system32\perfc01F.dat
    2014-10-01 22:30 - 2010-11-20 23:01 - 07055438 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\th-TH
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ro-RO
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG
    2014-09-25 05:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ar-SA
    2014-09-24 05:16 - 2013-08-07 17:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-24 05:16 - 2013-08-07 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-20 00:53 - 2013-09-23 15:41 - 00000982 _____ () C:\Users\MAGMAM\Desktop\Dropbox.lnk
    2014-09-20 00:53 - 2013-09-23 15:37 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-09-20 00:47 - 2013-08-11 18:01 - 00000000 ___RD () C:\Program Files\Skype
    2014-09-20 00:47 - 2013-08-11 18:00 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-20 00:05 - 2009-07-14 06:33 - 00443504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-09-18 02:03 - 2013-08-02 14:03 - 00121648 _____ () C:\Users\MAGMAM\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-09-17 20:13 - 2013-08-02 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
    2014-09-17 20:12 - 2014-01-25 18:26 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
    2014-09-17 20:12 - 2013-08-02 22:53 - 00000000 ____D () C:\Program Files\Real
    2014-09-17 20:12 - 2013-08-02 22:46 - 00000000 ____D () C:\ProgramData\Real
    2014-09-17 20:11 - 2014-01-25 18:25 - 00505416 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
    2014-09-17 20:11 - 2014-01-25 18:25 - 00353864 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
    2014-09-17 20:11 - 2013-08-02 22:54 - 00278600 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
    2014-09-16 18:03 - 2014-05-18 03:46 - 00000000 ____D () C:\Program Files\Ginger
    2014-09-16 18:03 - 2014-05-18 03:40 - 00029326 _____ () C:\GingerSetupHelper.log
    2014-09-16 18:03 - 2014-05-18 03:40 - 00004238 _____ () C:\GingerSetup.log
    2014-09-16 18:01 - 2014-07-04 03:57 - 00002949 _____ () C:\Users\Public\Desktop\Ginger.lnk
    2014-09-16 18:01 - 2014-07-04 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
    2014-09-14 03:50 - 2013-10-22 23:44 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Paltalk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\FinalMediaPlayer.lnk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00001061 _____ () C:\Users\MAGMAM\Desktop\FinalMediaPlayer.lnk
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\Program Files\FinalMediaPlayer
    2014-09-12 15:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-12 02:33 - 2013-08-03 11:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-12 02:32 - 2013-08-15 15:10 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-12 02:14 - 2013-08-03 10:57 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-12 02:13 - 2014-05-01 03:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
     
    Some content of TEMP:
    ====================
    C:\Users\MAGMAM\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoefa6q.dll
    C:\Users\MAGMAM\AppData\Local\Temp\FinalMediaPlayerSetup.exe
    C:\Users\MAGMAM\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\MAGMAM\AppData\Local\Temp\lowproc.exe
    C:\Users\MAGMAM\AppData\Local\Temp\npp.6.6.9.Installer.exe
    C:\Users\MAGMAM\AppData\Local\Temp\Quarantine.exe
    C:\Users\MAGMAM\AppData\Local\Temp\stubhelper.dll
    C:\Users\MAGMAM\AppData\Local\Temp\tmpFF01.tmp.exe
    C:\Users\MAGMAM\AppData\Local\Temp\xmlUpdater.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-10-07 07:57
     
    ==================== End Of Log ============================
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-10-2014 01
    Ran by MAGMAM at 2014-10-10 22:05:56
    Running from C:\Users\MAGMAM\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
    FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
    1AVMonitor version 1.8.8.90 (HKLM\...\{B1D0FF50-8C97-45A2-84A7-05E1C05395F8}_is1) (Version: 1.8.8.90 - PCWinSoft Systems)
    Abdio Free MP4 Player (Free) (HKLM\...\Abdio Free MP4 Player (Free)) (Version: Abdio Free MP4 Player - Abdio Free MP4 Player)
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Flash Player ActiveX Free Download Packages (HKCU\...\Adobe Flash Player ActiveX Free Download Packages) (Version:  - ) <==== ATTENTION
    Adobe Flash Player Plugin Free Download Packages (HKCU\...\Adobe Flash Player Plugin Free Download Packages) (Version:  - ) <==== ATTENTION
    AFPL Ghostscript 8.14 (HKLM\...\AFPL Ghostscript 8.14) (Version:  - )
    AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
    Age of Empires Online (HKLM\...\GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}) (Version: 1.0.0000.129 - Microsoft Studios)
    Age of Empires Online (Version: 1.0.0000.129 - Microsoft Studios) Hidden
    AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{71CBB584-683D-33FC-1CE3-95414DC3B8C9}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arduino (HKLM\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
    AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
    AVG PC TuneUp 2014 (en-US) (Version: 14.0.1001.489 - AVG) Hidden
    AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.392 - AVG)
    AVG PC TuneUp 2014 (Version: 14.0.1001.392 - AVG) Hidden
    Bandicam (HKLM\...\Bandicam) (Version: 1.9.2.455 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
    Battlefield BC2 (HKLM\...\Battlefield BC2_is1) (Version:  - )
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
    C-Free 5.0 Professional (HKLM\...\C-Free 5.0_is1) (Version:  - Program Arts)
    Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
    Cisco Networking Academy curriculum 4.0.0.2 (HKLM\...\Cisco Networking Academy curriculum_is1) (Version:  - Cisco Systems, Inc.)
    Cisco Packet Tracer 6.0 (HKLM\...\Cisco Packet Tracer 6.0_is1) (Version:  - Cisco Systems, Inc.)
    DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 2.0.0.0159 - Disc Soft Ltd)
    Deep Shredder 12 UCI (HKLM\...\{14B6295D-6D03-4635-A17F-76AB10C74EF0}_is1) (Version:  - Stefan Meyer-Kahlen)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
    Digilent Software (HKLM\...\Digilent Software) (Version: 1.0.189 - Digilent, Inc.)
    Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
    Dxtory version 2.0.119 (HKLM\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
    EasyNP2 version 56.2.0.38 (HKLM\...\{45D0CE08-14DE-4F94-AE24-6151BBE6FA90}_is1) (Version: 56.2.0.38 - EasyNP2, Inc.)
    Europa Universalis IV Wealth of Nations (HKLM\...\Europa Universalis IV Wealth of Nations_is1) (Version:  - )
    F3_ActiveX_1.0.0.1 (HKLM\...\{C61B1BD6-1B74-499B-8CC1-AEB4F7BDD878}_is1) (Version: 1.0.0.1 - )
    ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - FreeCodecPack)
    FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.5.0.0 - Electronic Arts)
    FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
    Final Media Player 2014 (HKLM\...\FinalMediaPlayer_is1) (Version: 2014.08.04.00 - Bitberry Software) <==== ATTENTION
    GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
    Ginger (HKLM\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.5.223 - Ginger Software)
    Ginger (Version: 3.5.223 - Ginger Software) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.13 - Google Inc.)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.0.5.0 - Google Inc.)
    GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
    Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
    GSview 4.6 (HKLM\...\GSview 4.6) (Version:  - )
    Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - FreeCodecPack)
    Hearts of Iron III - Their Finest Hour version 4.02 (HKLM\...\{25D080C2-19A4-427D-A12A-979D674B57F8}}_is1) (Version: 4.02 - Paradox Interactive)
    Hearts of Iron III (HKLM\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version:  - )
    Hotspot Shield v2.88 Elite Final Full (HKLM\...\Hotspot Shield v2.88 Elite Final Full) (Version: Full - S.P.D.)
    HP Support Solutions Framework (HKLM\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
    Image for Windows 2.87 Trial (HKLM\...\Image for Windows (V2)_is1) (Version:  - TeraByte Unlimited)
    Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    ISO Image Burner 1.1 (HKLM\...\{B2B123D3-E780-4EB0-B540-18F5FCC6EFE9}_is1) (Version:  - ISOImageBurner.com)
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
    Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
    JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
    Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MathType 6 (HKLM\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
    Mawareeth (HKLM\...\ST6UNST #1) (Version:  - )
    Metal Player version 4.0.4.2 (HKLM\...\{EF752F37-DA27-4E1D-8E83-BDF5FBB5E773}_is1) (Version: 4.0.4.2 - Abyssalsoft)
    Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (DAN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (PTG) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
    Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
    Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 Preview - English (HKLM\...\{20150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Rise Of Nations (HKLM\...\RiseOfNations 1.0) (Version:  - Microsoft)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
    Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
    Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
    Nitro Reader 3 (HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro)
    Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
    Notepad++ Free Download Packages (HKCU\...\Notepad++ Free Download Packages) (Version:  - ) <==== ATTENTION
    Paltalk Messenger  11.4 (HKLM\...\Paltalk Messenger) (Version: 11.4.564.16415 - AVM Software Inc.)
    Password Reveal Pro (HKLM\...\Password Reveal Pro) (Version: 2.0 - Camtech 2000)
    PFConfig 1.0.296 (HKLM\...\PFConfig) (Version: 1.0.296 - Portforward.com)
    Polyglot 3000 (Version 3.74) (HKLM\...\Polyglot 3000_is1) (Version:  - Likasoft)
    RAR Password Recovery 3.1.0.0 (HKLM\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Anypasskey Studio)
    RealDownloader (Version: 17.0.13 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
    RealPlayer Free Download Packages (HKCU\...\RealPlayer Free Download Packages) (Version:  - ) <==== ATTENTION
    Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
    RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    ReMouse Micro (HKLM\...\ReMouse Micro_is1) (Version: Micro V3.5 - AutomaticSolution Software)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
    Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    SiRFDemo (HKLM\...\{D8207FF4-0A8C-4D36-9682-36E04AE96C52}) (Version: 3.87 - SiRF Technology, Inc.)
    Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
    Software Informer 1.4.1152.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
    SpeedConnect Internet Accelerator v.8.0 (HKLM\...\SpeedConnect Internet Accelerator v.8.0_is1) (Version:  - CBS Software)
    SpotAuditor 4.8.3 (HKLM\...\SpotAuditor_is1) (Version:  - Nsasoft LLC.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
    TBIView 4.34 - TBIMount 1.12 (HKLM\...\TBIView_is1) (Version:  - TeraByte Unlimited)
    TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
    TeXstudio 2.6.6 (HKLM\...\TeXstudio_is1) (Version: 2.6.6 - Benito van der Zander)
    Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
    UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Visual CertExam Suite (HKLM\...\Visual CertExam Suite_is1) (Version:  - Avanset)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.102.30707 - Vodafone)
    WebcamMax (HKLM\...\WebcamMax) (Version: 7.8.1.6.MultiLanguage - )
    webcamXP 5 (HKLM\...\wLite) (Version: 5.7.3.0 - Moonware Studios)
    Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    WinEdt (HKLM\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team))
    WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
    WinZip Driver Updater (HKLM\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.15384 - WinZip Computing, S.L. (WinZip Computing))
    Wireshark 1.10.7 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, http://www.wireshark.org)
    Wise Game Booster 1.25 (HKLM\...\Wise Game Booster_is1) (Version: 1.25 - WiseCleaner.com, Inc.)
    Wolfram Mathematica 7 for Students (M-WIN-G 7.0.0 1148361) (HKLM\...\M-WIN-G 7.0.0 1148361_is1) (Version: 7.0.0 - Wolfram Research, Inc.)
    Wolfram Notebook Indexer 2.0 (HKLM\...\{C260343B-6282-42A2-939F-1FF7E503F608}) (Version: 2.17.34091 - Wolfram Research)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
    World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
    YTD Video Downloader 4.7.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-357385200-1680055637-319585916-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
     
    ==================== Restore Points  =========================
     
    09-10-2014 05:03:40 ##IDS_ERROR_1717##
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 04:04 - 2014-02-22 15:48 - 00000221 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    127.0.0.1 anchorfree.net
    127.0.0.1 rss2search.com
    127.0.0.1 techbrowsing.com
    127.0.0.1 box.anchorfree.net
    127.0.0.1 www.mefeedia.com
    127.0.0.3 www.anchorfree.net
    127.0.0.2 www.mefeedia.com
     
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {00930A1C-91A8-43B1-B153-FA26661FDA09} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe
    Task: {0B8ED058-DDD9-401C-A60B-A1B73CF07462} - System32\Tasks\{F9E8B480-0130-4639-9251-234ADBB6749B} => c:\program files\safari\safari.exe [2012-04-25] (Apple Inc.)
    Task: {0E74DBB0-681B-49F9-9DAC-4D0D1496201E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {10A9A994-0741-4F7A-9404-9AC5ADE96173} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
    Task: {25A72911-7AF1-44AA-B80C-63F445B031E6} - System32\Tasks\ZenSearch\Updater\ZenSearch updater => C:\Program Files\ZenSearch Updater\updater.exe
    Task: {32A487DC-4C14-468E-802E-037EDDB070F1} - \ProgramUpdateCheck No Task File <==== ATTENTION
    Task: {35579CCB-C347-4DCD-8AFE-DD0E277EFD32} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
    Task: {45B0FCE3-50C4-487D-B015-E586311BBA15} - System32\Tasks\{1B59953F-7F05-433D-AFE5-9C8CB4FACE76} => C:\Users\MAGMAM\Desktop\CCNA\ccna exploration\Material-explorations\Exploration4_English.exe
    Task: {4AB24492-9611-43AC-B26E-BEC7F8A4A270} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files\WinZip Driver Updater\winzipdu.exe [2013-07-11] (WinZip Computing, S.L. (WinZip Computing))
    Task: {6BFAF740-2428-4AF2-830C-B0569BC7F13F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {788F288F-664F-4872-9812-68D402BC3B82} - System32\Tasks\Volaro Update => C:\Program Files\Volaro\Updater\Updater.exe <==== ATTENTION
    Task: {792A63FB-28F6-47A8-804A-8828571140ED} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software)
    Task: {8538B6E7-2673-4977-8124-60D53A3B9BCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
    Task: {864A9D0D-800D-4EAC-ABFD-5E1D34312040} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {8B943A65-3E35-42BD-95CD-406FA6FBD9F1} - System32\Tasks\DTReg => C:\Users\MAGMAM\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
    Task: {A22380EA-AB8E-437D-84D3-E2DE195F58F7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E} - \4CEFD9B73D6C-1CRMOI2 No Task File <==== ATTENTION
    Task: {B3FB2531-2C7E-4B89-95F8-B293B9C81367} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-03-31] (AVG)
    Task: {B55C7C44-D769-43FA-9FFB-84734DCE8A77} - System32\Tasks\{6CEB5F5B-1868-4D0B-B451-04E6C7328601} => C:\Users\MAGMAM\Desktop\CCNA\ccna exploration\Material-explorations\Exploration4_English.exe
    Task: {B7D59E5D-2092-45BD-8DB9-09BA073D8F59} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
    Task: {BA11A3C7-01AF-44DF-A43E-1FC2614D7BE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
    Task: {BB81308C-E3B0-4B5F-BB16-C1D9C2DA032E} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-09-17] (RealNetworks, Inc.)
    Task: {BF044A32-0885-43EE-9674-A490CE31CC51} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {C1906E5B-EAA2-445D-A32C-AFE24DCCA3D8} - System32\Tasks\WinZipDriverUpdater_UPDATES => C:\Program Files\WinZip Driver Updater\winzipdu.exe [2013-07-11] (WinZip Computing, S.L. (WinZip Computing))
    Task: {C5F21D01-C598-4720-A0F7-EC3140A1497C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {C6BD5F12-6F14-444B-B3E8-DE8EC07CC652} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
    Task: {D48E5441-8209-481C-AFCB-D2825C0BBEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-02] (Google Inc.)
    Task: {FE5B67A9-DAC3-4E5B-B12E-4D57B4192CC2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-357385200-1680055637-319585916-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
    Task: {FF5F4481-109E-4901-8868-C16BBE2E9B04} - System32\Tasks\Games\UpdateCheck_S-1-5-21-357385200-1680055637-319585916-1000
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files\WinZip Driver Updater\winzipdu.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2013-09-18 00:54 - 2013-09-18 00:54 - 00230240 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
    2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    2014-07-30 04:04 - 2014-07-30 04:04 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
    2014-03-31 13:21 - 2014-03-31 13:21 - 00568120 _____ () C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll
    2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2014-09-12 14:22 - 2014-09-12 14:22 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\60e3de33f3b7204f87483b97989a13b6\IsdiInterop.ni.dll
    2013-08-07 03:46 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
    2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
    2012-12-14 02:02 - 2012-12-14 02:02 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
    2011-07-17 06:56 - 2011-07-17 06:56 - 01038848 _____ () C:\Program Files\WebcamMax\wcmmon.exe
    2014-10-10 00:28 - 2014-10-07 06:22 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.13\libglesv2.dll
    2014-10-10 00:28 - 2014-10-07 06:22 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.13\libegl.dll
    2014-10-10 00:28 - 2014-10-07 06:22 - 09008456 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.13\pdf.dll
    2014-10-10 00:28 - 2014-10-07 06:22 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.13\ffmpegsumo.dll
    2014-10-10 00:28 - 2014-10-07 06:22 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.13\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
    AlternateDataStreams: C:\ProgramData\TEMP:6FE816BE
    AlternateDataStreams: C:\ProgramData\TEMP:CB9FA647
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    123321 (S-1-5-21-357385200-1680055637-319585916-1001 - Administrator - Enabled) => C:\Users\123321
    Administrator (S-1-5-21-357385200-1680055637-319585916-500 - Administrator - Disabled)
    Guest (S-1-5-21-357385200-1680055637-319585916-501 - Limited - Disabled)
    MAGMAM (S-1-5-21-357385200-1680055637-319585916-1000 - Administrator - Enabled) => C:\Users\MAGMAM
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Generic Bluetooth Adapter
    Description: Generic Bluetooth Adapter
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: GenericAdapter
    Service: BTHUSB
    Problem: : Windows has stopped this device because it has reported problems. (Code 43)
    Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
     
    Name: HP Integrated Bluetooth module
    Description: HP Integrated Bluetooth module
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: HP
    Service: BTHUSB
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (10/10/2014 09:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: aswMBR.exe, version: 1.0.1.2041, time stamp: 0x539e8df7
    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
    Exception code: 0xc0000005
    Fault offset: 0x00052d37
    Faulting process id: 0x1d08
    Faulting application start time: 0xaswMBR.exe0
    Faulting application path: aswMBR.exe1
    Faulting module path: aswMBR.exe2
    Report Id: aswMBR.exe3
     
    Error: (10/10/2014 08:55:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AIPS.exe, version: 1.0.0.1, time stamp: 0x4e31d62e
    Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
    Exception code: 0xc0000005
    Fault offset: 0x00039342
    Faulting process id: 0x6d0
    Faulting application start time: 0xAIPS.exe0
    Faulting application path: AIPS.exe1
    Faulting module path: AIPS.exe2
    Report Id: AIPS.exe3
     
    Error: (10/10/2014 08:54:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 17463922
     
    Error: (10/10/2014 08:54:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 17463922
     
    Error: (10/10/2014 08:54:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14914
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14914
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (10/10/2014 04:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13853
     
    Error: (10/10/2014 04:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13853
     
     
    System errors:
    =============
    Error: (10/10/2014 08:56:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Arp Intelligent Protection Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (10/10/2014 08:55:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
     
    Error: (10/10/2014 08:54:50 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{7D02B2D8-4A6D-423F-9874-ECF283BB2542} because another computer on the network has the same name.  The server could not start.
     
    Error: (10/10/2014 04:03:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
     
    Error: (10/10/2014 04:02:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
     
    Error: (10/10/2014 09:56:49 AM) (Source: DCOM) (EventID: 10001) (User: )
    Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
     
    Error: (10/10/2014 04:37:50 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
     
    Error: (10/10/2014 04:37:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The RealPlayer Cloud Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (10/10/2014 04:31:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
     
    Error: (10/10/2014 04:30:31 AM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/10/2014 09:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: aswMBR.exe1.0.1.2041539e8df7ntdll.dll6.1.7601.18247521ea91cc000000500052d371d0801cfe4bcd8da01e0C:\Users\MAGMAM\Desktop\aswMBR.exeC:\Windows\SYSTEM32\ntdll.dll6b0d3e8a-50b1-11e4-8d69-6431509e6a3f
     
    Error: (10/10/2014 08:55:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: AIPS.exe1.0.0.14e31d62eole32.dll6.1.7601.175144ce7b96fc0000005000393426d001cfe4322d9ee98aC:\Program Files\netcut\services\AIPS.exeC:\Windows\system32\ole32.dll03c2e4f8-50af-11e4-8d69-6431509e6a3f
     
    Error: (10/10/2014 08:54:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 17463922
     
    Error: (10/10/2014 08:54:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 17463922
     
    Error: (10/10/2014 08:54:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14914
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14914
     
    Error: (10/10/2014 04:03:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (10/10/2014 04:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13853
     
    Error: (10/10/2014 04:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13853
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
    Percentage of memory in use: 71%
    Total physical RAM: 3014.37 MB
    Available physical RAM: 847.48 MB
    Total Pagefile: 6573.82 MB
    Available Pagefile: 2650.03 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1910.7 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:275.89 GB) (Free:13.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:16.9 GB) (Free:0.1 GB) NTFS
    Drive e: (HP_TOOLS) (Fixed) (Total:5 GB) (Free:0.18 GB) NTFS
    Drive g: (Europa Universal) (CDROM) (Total:1.33 GB) (Free:0 GB) CDFS
    Drive i: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive j: (TW_ROME_II) (CDROM) (Total:9.47 GB) (Free:0 GB) CDFS
    Drive k: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
    Drive l: (GTA IV Disc 2) (CDROM) (Total:6.81 GB) (Free:0 GB) UDF
    Drive m: (20130605_1740) (CDROM) (Total:5.66 GB) (Free:0 GB) CDFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4166D6A8)
    Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=5 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    Edited by ComputerEngineer, 10 October 2014 - 02:16 PM.

      Advertisements

    Register to Remove


    #11 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 10 October 2014 - 04:17 PM

    Hi,

     

    This is your computer and I really cant tell you what to do with it, I can just advise.  You or someone that you authorize to use this computer is installing all kinds of garbage, all those free programs bring other bundled software with them, not nice.

     

     

     
    Open notepad (Start --> All Programs --> Accessories --> Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.
    You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.
     
    Start
    CloseProcesses:
    (BitTorrent Inc.) C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Users\MAGMAM\AppData\Roaming\uTorrent
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [uTorrent] => C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-03] (BitTorrent Inc.)
    SearchScopes: HKCU - 5055E17DDD094F28BDB7DB89B6D45BC5 URL = http://search.qvo6.c...X&ts=1376413680
    FF SearchPlugin: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
    FF Extension: WinToFlash Suggestor - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
    FF Extension: BonanzaDeals - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-29]
    FF HKLM\...\Firefox\Extensions: [chknq@jrkbwgoi.org] - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
    FF Extension: No Name - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\ffxtlbra@softonic.com.xpi [Not Found]
    CHR Extension: (Ask Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2014-09-17]
    2014-10-10 02:58 - 2013-08-03 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vonteera
    2014-10-09 06:54 - 2013-08-03 11:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-10-10 22:05 - 2013-08-02 17:53 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\uTorrent
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\Program Files\FinalMediaPlayer
    C:\Program Files\ZenSearch Updater
    Task: {25A72911-7AF1-44AA-B80C-63F445B031E6} - System32\Tasks\ZenSearch\Updater\ZenSearch updater => C:\Program Files\ZenSearch Updater\updater.exe
    Task: {32A487DC-4C14-468E-802E-037EDDB070F1} - \ProgramUpdateCheck No Task File <==== ATTENTION
    Task: {35579CCB-C347-4DCD-8AFE-DD0E277EFD32} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
    Task: {788F288F-664F-4872-9812-68D402BC3B82} - System32\Tasks\Volaro Update => C:\Program Files\Volaro\Updater\Updater.exe <==== ATTENTION
    Task: {792A63FB-28F6-47A8-804A-8828571140ED} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software)
    Task: {B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E} - \4CEFD9B73D6C-1CRMOI2 No Task File <==== ATTENTION
    Task: {B7D59E5D-2092-45BD-8DB9-09BA073D8F59} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
    Hosts:
    EmptyTemp:
    End
    
     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST or FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #12 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 10 October 2014 - 10:06 PM

    No problem, I will take care of these free software, thanks for the advice.
     
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-10-2014 01
    Ran by MAGMAM at 2014-10-11 05:42:59 Run:1
    Running from C:\Users\MAGMAM\Desktop
    Loaded Profiles: MAGMAM &  (Available profiles: MAGMAM & 123321)
    Boot Mode: Normal
     
    ==============================================
     
    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    (BitTorrent Inc.) C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Users\MAGMAM\AppData\Roaming\uTorrent
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\...\Run: [uTorrent] => C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-03] (BitTorrent Inc.)
    SearchScopes: HKCU - 5055E17DDD094F28BDB7DB89B6D45BC5 URL = http://search.qvo6.c...X&ts=1376413680
    FF SearchPlugin: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
    FF Extension: WinToFlash Suggestor - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
    FF Extension: BonanzaDeals - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-29]
    FF HKLM\...\Firefox\Extensions: [chknq@jrkbwgoi.org] - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
    FF Extension: No Name - C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\ffxtlbra@softonic.com.xpi [Not Found]
    CHR Extension: (Ask Search) - C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2014-09-17]
    2014-10-10 02:58 - 2013-08-03 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vonteera
    2014-10-09 06:54 - 2013-08-03 11:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-10-10 22:05 - 2013-08-02 17:53 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\uTorrent
    2014-09-11 15:54 - 2014-09-11 15:54 - 00000000 ____D () C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
    2014-09-12 21:17 - 2013-08-03 18:28 - 00000000 ____D () C:\Program Files\FinalMediaPlayer
    C:\Program Files\ZenSearch Updater
    Task: {25A72911-7AF1-44AA-B80C-63F445B031E6} - System32\Tasks\ZenSearch\Updater\ZenSearch updater => C:\Program Files\ZenSearch Updater\updater.exe
    Task: {32A487DC-4C14-468E-802E-037EDDB070F1} - \ProgramUpdateCheck No Task File <==== ATTENTION
    Task: {35579CCB-C347-4DCD-8AFE-DD0E277EFD32} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
    Task: {788F288F-664F-4872-9812-68D402BC3B82} - System32\Tasks\Volaro Update => C:\Program Files\Volaro\Updater\Updater.exe <==== ATTENTION
    Task: {792A63FB-28F6-47A8-804A-8828571140ED} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software)
    Task: {B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E} - \4CEFD9B73D6C-1CRMOI2 No Task File <==== ATTENTION
    Task: {B7D59E5D-2092-45BD-8DB9-09BA073D8F59} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
    Hosts:
    EmptyTemp:
    End
    *****************
     
    Processes closed successfully.
    [5884] C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe => Process closed successfully.
    C:\Users\MAGMAM\AppData\Roaming\uTorrent => Moved successfully.
    HKU\S-1-5-21-357385200-1680055637-319585916-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\5055E17DDD094F28BDB7DB89B6D45BC5" => Key deleted successfully.
    "HKCR\CLSID\5055E17DDD094F28BDB7DB89B6D45BC5" => Key not found.
    C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml => Moved successfully.
    C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi => Moved successfully.
    C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi => Moved successfully.
    HKLM\Software\Mozilla\Firefox\Extensions\\chknq@jrkbwgoi.org => value deleted successfully.
    C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\ffxtlbra@softonic.com.xpi => not found.
    C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg => Moved successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vonteera => Moved successfully.
    C:\Windows\PCHEALTH => Moved successfully.
    "C:\Users\MAGMAM\AppData\Roaming\uTorrent" => File/Directory not found.
    C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full => Moved successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer => Moved successfully.
    C:\Program Files\FinalMediaPlayer => Moved successfully.
    C:\Program Files\ZenSearch Updater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25A72911-7AF1-44AA-B80C-63F445B031E6}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25A72911-7AF1-44AA-B80C-63F445B031E6}" => Key deleted successfully.
    C:\Windows\System32\Tasks\ZenSearch\Updater\ZenSearch updater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZenSearch\Updater\ZenSearch updater" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32A487DC-4C14-468E-802E-037EDDB070F1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32A487DC-4C14-468E-802E-037EDDB070F1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProgramUpdateCheck" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35579CCB-C347-4DCD-8AFE-DD0E277EFD32}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35579CCB-C347-4DCD-8AFE-DD0E277EFD32}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{788F288F-664F-4872-9812-68D402BC3B82}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{788F288F-664F-4872-9812-68D402BC3B82}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Volaro Update => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Volaro Update" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{792A63FB-28F6-47A8-804A-8828571140ED}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792A63FB-28F6-47A8-804A-8828571140ED}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Final Media Player Update Checker => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Final Media Player Update Checker" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B15518A1-E7D9-4DD6-9BA2-C80302E2BC3E}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7D59E5D-2092-45BD-8DB9-09BA073D8F59}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7D59E5D-2092-45BD-8DB9-09BA073D8F59}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProgramRefresh-ATFST" => Key deleted successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 3.3 GB temporary data.
     
     
    The system needed a reboot. 
     
    ==== End of Fixlog ====


    #13 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 11 October 2014 - 04:49 AM

    In lieu or running aswMBR, lets run this one instead

     

    Please download TDSSKiller.zip
    •  
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • when the window opens, click on Change Parameters
    • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
    • click OK
    • Press Start Scan
    •  
    • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
    • Then click Continue > Reboot now
     
    • Copy and paste the log in your next reply
    •  
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
     
     


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #14 ComputerEngineer

    ComputerEngineer

      Authentic Member

    • Authentic Member
    • PipPip
    • 35 posts

    Posted 11 October 2014 - 06:29 AM

    This webpage has a redirect loop

     

    It won't download.



    #15 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 11 October 2014 - 07:22 AM

    My link should take you here

    http://support.kaspe...lity#TDSSKiller

     

    When you click on either TDSS Zip or EXE file is should take you to a license agreement, if you except the license agreement is should let you download it



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users