Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Owner (administrator) on OWNER-PC on 24-01-2015 04:28:06
Running from C:\Users\Owner\Downloads
Loaded Profiles: UpdatusUser & Owner (Available profiles: UpdatusUser & Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Windows\SysWOW64\afasrv64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\USIM Editor\iconcs307181.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RedSky Sp. z o.o.) C:\Users\Owner\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Users\Owner\AppData\Local\Obrona Block Ads\ProxyResetOnKill.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Owner\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816816 2012-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [USBestCR] => C:\Program Files (x86)\USIM Editor\iconcs307181.exe [7374336 2014-10-03] ()
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [773256 2015-01-09] (Webroot)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [USBestCR] => C:\Program Files (x86)\USIM Editor\iconcs307181.exe [7374336 2014-10-03] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-1827809378-912741919-3246080145-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-21] (Google Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Epson Stylus NX510(Network)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE [223232 2009-11-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Facebook Update] => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-22] (Facebook Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application \chrome.exe [856904 2015-01-08] (Google Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [SoftonicAssistant] => C:\Users\Owner\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Obrona Block Ads ] => C:\Users\Owner\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe [1509336 2014-10-16] (RedSky Sp. z o.o.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\MountPoints2: {affc424a-47ea-11e2-9145-c485088e7410} - F:\setup.exe -a
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [260928 2012-02-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [215360 2012-02-25] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software , Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus .lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-1827809378-912741919-3246080145-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1827809378-912741919-3246080145-1001] => http=127.0.0.1:9880
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer \Main,Start Page = http://samsung.msn.com
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer \Main,Default_Page_URL = http://samsung.msn.com
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1827809378-912741919-3246080145-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan \3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer \SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer \SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\evr7t9fd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application /pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\windows \SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update ;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @talk.google.com/O1DPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: gastecnologia.com.br/sf/bb -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-11-23]
FF HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-10-15]
Chrome:
=======
CHR HomePage: Default -> hxxp://samsung.msn.com/
CHR StartupUrls: Default -> "https://mail.google.com/mail/?shva=1#inbox", "hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-29]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-27]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-29]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-29]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblebgkanaecgapcfefmedflbdhmblog [2013-11-23]
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-19]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-29]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dblebgkanaecgapcfefmedflbdhmblog] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.21.crx [2013-12-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AfaService; C:\windows\SysWOW64\afasrv64.exe [73728 2014-10-03] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-07] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [773256 2015-01-09] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-07] (Intel® Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-15] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2015-01-09] (Webroot)
U0 SR; No ImagePath
U2 srservice; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 04:28 - 2015-01-24 04:28 - 00025399 _____ () C:\Users\Owner\Downloads\FRST.txt
2015-01-24 04:27 - 2015-01-24 04:28 - 00000000 ____D () C:\FRST
2015-01-24 04:24 - 2015-01-24 04:24 - 02126848 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2015-01-24 04:22 - 2015-01-24 04:22 - 01118208 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2015-01-24 02:17 - 2015-01-24 02:17 - 00282008 _____ () C:\windows\Minidump\012415-27970-01.dmp
2015-01-24 02:17 - 2015-01-24 02:17 - 00000000 ____D () C:\windows\Minidump
2015-01-24 02:16 - 2015-01-24 02:16 - 672640311 _____ () C:\windows\MEMORY.DMP
2015-01-22 23:11 - 2015-01-22 23:11 - 00376184 _____ () C:\Users\Owner\Downloads\Setup.exe
2015-01-18 23:22 - 2015-01-18 23:22 - 00009976 _____ () C:\Users\Owner\Documents\Expenses.xlsx
2015-01-18 18:39 - 2015-01-18 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-13 22:14 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 22:14 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 22:14 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-13 22:14 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-13 22:14 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-13 22:14 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-13 22:14 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-13 22:14 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-13 22:14 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-13 22:14 - 2014-12-11 11:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 22:14 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 22:14 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-13 22:14 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-12-28 23:38 - 2014-12-28 23:38 - 05288700 _____ () C:\Users\Owner\Downloads\Video.MOV
2014-12-27 04:04 - 2014-12-27 04:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-12-27 04:04 - 2014-12-27 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-27 04:03 - 2014-12-27 04:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-27 04:03 - 2014-12-27 04:04 - 00000000 ____D () C:\Program Files\iTunes
2014-12-27 04:03 - 2014-12-27 04:03 - 00000000 ____D () C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 04:27 - 2012-09-19 19:27 - 00000000 ____D () C:\ProgramData\WRData
2015-01-24 04:21 - 2012-09-21 21:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2015-01-24 04:20 - 2014-01-29 17:38 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 04:10 - 2012-05-04 17:00 - 01944094 _____ () C:\windows\WindowsUpdate.log
2015-01-24 03:53 - 2012-09-21 18:33 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job
2015-01-24 03:14 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-24 03:02 - 2013-09-22 16:57 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job
2015-01-24 02:28 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 02:28 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 02:19 - 2014-12-24 05:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\SoftonicAssistant
2015-01-24 02:17 - 2014-01-29 17:38 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 02:17 - 2012-05-04 01:03 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-01-24 02:17 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-24 02:17 - 2009-07-13 22:51 - 00081044 _____ () C:\windows\setupact.log
2015-01-24 02:16 - 2010-11-20 21:47 - 00109580 _____ () C:\windows\PFRO.log
2015-01-24 02:14 - 2014-12-24 05:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\Obrona Block Ads
2015-01-24 01:53 - 2014-10-15 17:58 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2015-01-24 01:51 - 2014-12-09 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-01-24 01:51 - 2014-06-30 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-23 22:53 - 2012-09-21 18:33 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job
2015-01-23 22:11 - 2013-09-22 16:57 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job
2015-01-23 22:05 - 2012-05-04 01:03 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-01-19 18:05 - 2013-02-10 11:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-19 18:05 - 2012-09-19 16:10 - 00000000 ____D () C:\ProgramData\Skype
2015-01-16 14:00 - 2013-08-15 02:01 - 00000000 ____D () C:\windows\system32\MRT
2015-01-16 13:47 - 2012-09-19 18:51 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-15 17:41 - 2014-01-29 17:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-09 16:05 - 2012-09-19 19:27 - 00154760 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll
2015-01-09 16:05 - 2012-09-19 19:27 - 00115680 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys
2015-01-09 16:05 - 2012-09-19 19:27 - 00105320 _____ (Webroot) C:\windows\system32\WRusr.dll
2015-01-06 04:36 - 2010-11-20 21:27 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-12-27 04:04 - 2013-07-06 22:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-27 04:03 - 2012-09-22 10:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-27 04:02 - 2014-07-22 22:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
==================== Files in the root of some directories =======
2012-09-19 19:27 - 2013-12-11 18:07 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2014-10-15 17:58 - 2014-10-15 17:59 - 0018170 _____ () C:\Users\Owner\AppData\Roaming\unins000.dat
2014-10-15 17:58 - 2014-10-15 17:58 - 0813217 _____ () C:\Users\Owner\AppData\Roaming\unins000.exe
2013-07-09 17:55 - 2013-07-09 17:55 - 0044218 _____ () C:\Users\Owner\AppData\Local\RAContactHistory.xml
2012-05-04 02:26 - 2012-05-04 02:27 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-04 02:22 - 2012-05-04 02:22 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-04 02:24 - 2012-05-04 02:25 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-04 02:22 - 2012-05-04 02:24 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-04 02:25 - 2012-05-04 02:26 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-15 18:26
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Owner at 2015-01-24 04:29:03
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{48DB5914-8772-472D-B8DF-E2092BE598F6}) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5216 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.2.4 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{EDE7A262-DB20-4432-A630-2ACEE186C416}) (Version: 1.0 - Samsung Electronics CO., LTD.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.2.10.7 - Samsung Electronics Co., Ltd.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.20 - Samsung Electronics Co., Ltd.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Epson CreativeZone (HKLM-x32\...\{E6C82F8F-2031-4825-8CC3-98C5960875C1}) (Version: - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 10.7.12.6_WHQL (HKLM\...\Elantech) (Version: 10.7.12.6 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.3.920 - Foxit Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
MotoHelper 2.0.51 Driver 5.1.0 (HKLM-x32\...\MotoHelper) (Version: 2.0.51 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.2060.2 - Motorola)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0 - Motorola Inc.) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Graphics Driver 296.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)
OBRONA BlockAds (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\ObronaBlockAds) (Version: 1.1.31 - OBRONA BlockAds / Red Sky LLC) <==== ATTENTION
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6608 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Softonic Assistant (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\SoftonicAssistant) (Version: 0.1.6 - Softonic International S.A.) <==== ATTENTION
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.5 - )
USIM Editor 1.0.28.0 (HKLM-x32\...\Card Reader Driver and USIM Editor Program_is1) (Version: - )
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.44 - Webroot)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
20-12-2014 01:50:27 Windows Update
24-12-2014 05:00:31 Windows Update
30-12-2014 19:54:37 Windows Update
04-01-2015 00:54:20 Windows Update
09-01-2015 17:09:00 Windows Update
13-01-2015 17:31:24 Windows Update
16-01-2015 13:46:52 Windows Update
20-01-2015 16:46:30 Windows Update
23-01-2015 22:16:49 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0627E337-7936-47E8-9892-A20951A13B68} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-04-15] (CyberLink)
Task: {1CC1A648-BB3F-42AF-AB16-C358CEEB4AEE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-24] (Samsung Electronics Co., Ltd.)
Task: {1CC495A7-ECD0-4E7E-ACB3-954D9F3B2943} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {22743BB0-14E7-429B-A606-14823DC35106} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {2423AAAD-5D87-4E51-A53C-A31694C15685} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {248E2ADC-0EC0-4D3B-9207-4312785D7DF1} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-08] (Samsung Electronics Co., Ltd.)
Task: {28F69776-E7CA-46F4-8094-D7E1212FFBC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: {4A7BCFB7-35B9-4099-87C8-314F86AB984A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {579CF7CF-0B88-4064-933A-1B39C96D4141} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-03-12] (Samsung Electronics Co., Ltd.)
Task: {650E59E5-EF48-4C97-AD85-B498B96DF6BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {6C50547A-7382-4EE6-B0C8-ABD67153BD0A} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-02-27] (Samsung)
Task: {6EF43FE3-DBFA-4F0B-959F-A7759C849639} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {7228033E-BEE8-49A9-9A94-7336D87A479F} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {7EC5EA08-5D45-4AF0-AD16-6F86C2970937} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {862AC710-6295-4C6B-B83B-2938EE2A9D37} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-27] (SEC)
Task: {8A1BBE8C-1E44-4B8A-A53E-701EB3F4E3F8} - System32\Tasks\{346BA7DC-9478-4F4F-9B96-275B98889E53} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=12007
Task: {98FA8D44-ACA1-4F43-8596-65C4A8F7260C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: {AF96E162-47A7-4340-9B8F-3070E5530C05} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-24] (Intel Corporation)
Task: {B8DB5DDA-F177-4E30-9066-B632F198DB89} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-01] (Samsung Electronics Co., Ltd.)
Task: {C00EB348-4711-40C7-8C2E-C53E05010092} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-24] (Intel Corporation)
Task: {CF4946FE-E39E-4324-82E3-E77F8DCF42DF} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {D7F2E344-73A9-453E-9929-3B97259A8FA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {D9B66071-7298-45B1-A37E-34B057C5F722} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {E845D815-CCAD-4934-8244-3EFF1C42C54F} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {FF36C5C9-E53A-4F40-B73F-110BDC2072B8} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) =============
2014-10-03 08:13 - 2014-10-03 08:13 - 00073728 _____ () C:\windows\SysWOW64\afasrv64.exe
2012-05-04 01:03 - 2012-02-07 20:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2011-04-26 14:23 - 2011-04-26 14:23 - 00223088 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2011-04-26 14:22 - 2011-04-26 14:22 - 00681840 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2012-05-04 02:24 - 2009-12-01 01:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-05-04 01:16 - 2012-02-13 00:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2014-10-03 08:13 - 2014-10-03 08:13 - 07374336 _____ () C:\Program Files (x86)\USIM Editor\iconcs307181.exe
2014-10-14 07:00 - 2014-10-14 07:00 - 00008192 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\ProxyResetOnKill.exe
2012-02-14 20:22 - 2012-01-05 03:24 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2011-06-16 21:39 - 2011-06-16 21:39 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2011-06-16 21:41 - 2011-06-16 21:41 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2012-05-04 01:25 - 2012-02-07 20:00 - 00755280 _____ () C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll
2012-05-04 01:16 - 2006-08-11 21:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2012-05-04 01:16 - 2011-02-16 10:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2014-10-08 07:03 - 2014-10-08 07:03 - 00879104 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\platforms\qwindows.dll
2014-10-08 07:01 - 2014-10-08 07:01 - 00021504 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\imageformats\qgif.dll
2012-09-21 20:32 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2012-09-21 20:32 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2012-05-04 01:24 - 2011-09-08 04:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-01 23:20 - 2009-11-01 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-01 23:23 - 2009-11-01 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-05-04 01:03 - 2012-02-07 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\windows\System32:9F798C5A_Bb.gbp
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1827809378-912741919-3246080145-500 - Administrator - Disabled)
Guest (S-1-5-21-1827809378-912741919-3246080145-501 - Limited - Disabled)
Owner (S-1-5-21-1827809378-912741919-3246080145-1001 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-1827809378-912741919-3246080145-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/24/2015 02:17:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80166137
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 80166137
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80165123
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 80165123
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (01/24/2015 02:17:10 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000024 (0x00000000001904fb, 0xfffff8800b677248, 0xfffff8800b676aa0, 0xfffff80003072190)C:\windows\MEMORY.DMP012415-27970-01
Error: (01/24/2015 02:17:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:14:16 AM on 1/24/2015 was unexpected.
Error: (01/19/2015 06:05:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.
Error: (01/19/2015 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/05/2015 00:34:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/27/2014 02:15:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :20" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:15:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:15:20 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{205A111B-88FA-4A80-93DD-185C11613E66} because another computer on the network has the same name. The server could not start.
Error: (12/27/2014 02:14:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :20" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:14:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 5923.54 MB
Available physical RAM: 3483.62 MB
Total Pagefile: 11845.26 MB
Available Pagefile: 8867.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:675.14 GB) (Free:575.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 10A444CC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=675.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.4 GB) - (Type=27)
==================== End Of Log ============================
Ran by Owner (administrator) on OWNER-PC on 24-01-2015 04:28:06
Running from C:\Users\Owner\Downloads
Loaded Profiles: UpdatusUser & Owner (Available profiles: UpdatusUser & Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Windows\SysWOW64\afasrv64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\USIM Editor\iconcs307181.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RedSky Sp. z o.o.) C:\Users\Owner\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Users\Owner\AppData\Local\Obrona Block Ads\ProxyResetOnKill.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Owner\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816816 2012-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [USBestCR] => C:\Program Files (x86)\USIM Editor\iconcs307181.exe [7374336 2014-10-03] ()
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [773256 2015-01-09] (Webroot)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [USBestCR] => C:\Program Files (x86)\USIM Editor\iconcs307181.exe [7374336 2014-10-03] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-1827809378-912741919-3246080145-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-21] (Google Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Epson Stylus NX510(Network)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE [223232 2009-11-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Facebook Update] => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-22] (Facebook Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application \chrome.exe [856904 2015-01-08] (Google Inc.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [SoftonicAssistant] => C:\Users\Owner\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Run: [Obrona Block Ads ] => C:\Users\Owner\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe [1509336 2014-10-16] (RedSky Sp. z o.o.)
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\MountPoints2: {affc424a-47ea-11e2-9145-c485088e7410} - F:\setup.exe -a
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [260928 2012-02-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [215360 2012-02-25] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software , Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus .lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-1827809378-912741919-3246080145-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1827809378-912741919-3246080145-1001] => http=127.0.0.1:9880
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer \Main,Start Page = http://samsung.msn.com
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer \Main,Default_Page_URL = http://samsung.msn.com
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-1827809378-912741919-3246080145-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1827809378-912741919-3246080145-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan \3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer \SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer \SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\evr7t9fd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application /pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\windows \SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update ;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @talk.google.com/O1DPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1827809378-912741919-3246080145-1001: gastecnologia.com.br/sf/bb -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-11-23]
FF HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-10-15]
Chrome:
=======
CHR HomePage: Default -> hxxp://samsung.msn.com/
CHR StartupUrls: Default -> "https://mail.google.com/mail/?shva=1#inbox", "hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-29]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-27]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-29]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-29]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblebgkanaecgapcfefmedflbdhmblog [2013-11-23]
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-19]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-29]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dblebgkanaecgapcfefmedflbdhmblog] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.21.crx [2013-12-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AfaService; C:\windows\SysWOW64\afasrv64.exe [73728 2014-10-03] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-07] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [773256 2015-01-09] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-07] (Intel® Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-15] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2015-01-09] (Webroot)
U0 SR; No ImagePath
U2 srservice; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 04:28 - 2015-01-24 04:28 - 00025399 _____ () C:\Users\Owner\Downloads\FRST.txt
2015-01-24 04:27 - 2015-01-24 04:28 - 00000000 ____D () C:\FRST
2015-01-24 04:24 - 2015-01-24 04:24 - 02126848 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2015-01-24 04:22 - 2015-01-24 04:22 - 01118208 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2015-01-24 02:17 - 2015-01-24 02:17 - 00282008 _____ () C:\windows\Minidump\012415-27970-01.dmp
2015-01-24 02:17 - 2015-01-24 02:17 - 00000000 ____D () C:\windows\Minidump
2015-01-24 02:16 - 2015-01-24 02:16 - 672640311 _____ () C:\windows\MEMORY.DMP
2015-01-22 23:11 - 2015-01-22 23:11 - 00376184 _____ () C:\Users\Owner\Downloads\Setup.exe
2015-01-18 23:22 - 2015-01-18 23:22 - 00009976 _____ () C:\Users\Owner\Documents\Expenses.xlsx
2015-01-18 18:39 - 2015-01-18 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-13 22:14 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 22:14 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 22:14 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-13 22:14 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-13 22:14 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-13 22:14 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-13 22:14 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-13 22:14 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-13 22:14 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-13 22:14 - 2014-12-11 11:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 22:14 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 22:14 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-13 22:14 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-12-28 23:38 - 2014-12-28 23:38 - 05288700 _____ () C:\Users\Owner\Downloads\Video.MOV
2014-12-27 04:04 - 2014-12-27 04:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-12-27 04:04 - 2014-12-27 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-27 04:03 - 2014-12-27 04:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-27 04:03 - 2014-12-27 04:04 - 00000000 ____D () C:\Program Files\iTunes
2014-12-27 04:03 - 2014-12-27 04:03 - 00000000 ____D () C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 04:27 - 2012-09-19 19:27 - 00000000 ____D () C:\ProgramData\WRData
2015-01-24 04:21 - 2012-09-21 21:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2015-01-24 04:20 - 2014-01-29 17:38 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 04:10 - 2012-05-04 17:00 - 01944094 _____ () C:\windows\WindowsUpdate.log
2015-01-24 03:53 - 2012-09-21 18:33 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job
2015-01-24 03:14 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-24 03:02 - 2013-09-22 16:57 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job
2015-01-24 02:28 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 02:28 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 02:19 - 2014-12-24 05:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\SoftonicAssistant
2015-01-24 02:17 - 2014-01-29 17:38 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 02:17 - 2012-05-04 01:03 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-01-24 02:17 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-24 02:17 - 2009-07-13 22:51 - 00081044 _____ () C:\windows\setupact.log
2015-01-24 02:16 - 2010-11-20 21:47 - 00109580 _____ () C:\windows\PFRO.log
2015-01-24 02:14 - 2014-12-24 05:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\Obrona Block Ads
2015-01-24 01:53 - 2014-10-15 17:58 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2015-01-24 01:51 - 2014-12-09 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-01-24 01:51 - 2014-06-30 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-23 22:53 - 2012-09-21 18:33 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job
2015-01-23 22:11 - 2013-09-22 16:57 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job
2015-01-23 22:05 - 2012-05-04 01:03 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-01-19 18:05 - 2013-02-10 11:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-19 18:05 - 2012-09-19 16:10 - 00000000 ____D () C:\ProgramData\Skype
2015-01-16 14:00 - 2013-08-15 02:01 - 00000000 ____D () C:\windows\system32\MRT
2015-01-16 13:47 - 2012-09-19 18:51 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-15 17:41 - 2014-01-29 17:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-09 16:05 - 2012-09-19 19:27 - 00154760 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll
2015-01-09 16:05 - 2012-09-19 19:27 - 00115680 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys
2015-01-09 16:05 - 2012-09-19 19:27 - 00105320 _____ (Webroot) C:\windows\system32\WRusr.dll
2015-01-06 04:36 - 2010-11-20 21:27 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-12-27 04:04 - 2013-07-06 22:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-27 04:03 - 2012-09-22 10:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-27 04:02 - 2014-07-22 22:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
==================== Files in the root of some directories =======
2012-09-19 19:27 - 2013-12-11 18:07 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2014-10-15 17:58 - 2014-10-15 17:59 - 0018170 _____ () C:\Users\Owner\AppData\Roaming\unins000.dat
2014-10-15 17:58 - 2014-10-15 17:58 - 0813217 _____ () C:\Users\Owner\AppData\Roaming\unins000.exe
2013-07-09 17:55 - 2013-07-09 17:55 - 0044218 _____ () C:\Users\Owner\AppData\Local\RAContactHistory.xml
2012-05-04 02:26 - 2012-05-04 02:27 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-04 02:22 - 2012-05-04 02:22 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-04 02:24 - 2012-05-04 02:25 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-04 02:22 - 2012-05-04 02:24 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-04 02:25 - 2012-05-04 02:26 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-15 18:26
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Owner at 2015-01-24 04:29:03
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{48DB5914-8772-472D-B8DF-E2092BE598F6}) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5216 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.2.4 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{EDE7A262-DB20-4432-A630-2ACEE186C416}) (Version: 1.0 - Samsung Electronics CO., LTD.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.2.10.7 - Samsung Electronics Co., Ltd.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.20 - Samsung Electronics Co., Ltd.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Epson CreativeZone (HKLM-x32\...\{E6C82F8F-2031-4825-8CC3-98C5960875C1}) (Version: - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 10.7.12.6_WHQL (HKLM\...\Elantech) (Version: 10.7.12.6 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.3.920 - Foxit Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
MotoHelper 2.0.51 Driver 5.1.0 (HKLM-x32\...\MotoHelper) (Version: 2.0.51 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.2060.2 - Motorola)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0 - Motorola Inc.) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Graphics Driver 296.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)
OBRONA BlockAds (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\ObronaBlockAds) (Version: 1.1.31 - OBRONA BlockAds / Red Sky LLC) <==== ATTENTION
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6608 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Softonic Assistant (HKU\S-1-5-21-1827809378-912741919-3246080145-1001\...\SoftonicAssistant) (Version: 0.1.6 - Softonic International S.A.) <==== ATTENTION
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.5 - )
USIM Editor 1.0.28.0 (HKLM-x32\...\Card Reader Driver and USIM Editor Program_is1) (Version: - )
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.44 - Webroot)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Owner\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1827809378-912741919-3246080145-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
20-12-2014 01:50:27 Windows Update
24-12-2014 05:00:31 Windows Update
30-12-2014 19:54:37 Windows Update
04-01-2015 00:54:20 Windows Update
09-01-2015 17:09:00 Windows Update
13-01-2015 17:31:24 Windows Update
16-01-2015 13:46:52 Windows Update
20-01-2015 16:46:30 Windows Update
23-01-2015 22:16:49 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0627E337-7936-47E8-9892-A20951A13B68} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-04-15] (CyberLink)
Task: {1CC1A648-BB3F-42AF-AB16-C358CEEB4AEE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-24] (Samsung Electronics Co., Ltd.)
Task: {1CC495A7-ECD0-4E7E-ACB3-954D9F3B2943} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {22743BB0-14E7-429B-A606-14823DC35106} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {2423AAAD-5D87-4E51-A53C-A31694C15685} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {248E2ADC-0EC0-4D3B-9207-4312785D7DF1} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-08] (Samsung Electronics Co., Ltd.)
Task: {28F69776-E7CA-46F4-8094-D7E1212FFBC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: {4A7BCFB7-35B9-4099-87C8-314F86AB984A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {579CF7CF-0B88-4064-933A-1B39C96D4141} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-03-12] (Samsung Electronics Co., Ltd.)
Task: {650E59E5-EF48-4C97-AD85-B498B96DF6BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {6C50547A-7382-4EE6-B0C8-ABD67153BD0A} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-02-27] (Samsung)
Task: {6EF43FE3-DBFA-4F0B-959F-A7759C849639} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {7228033E-BEE8-49A9-9A94-7336D87A479F} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {7EC5EA08-5D45-4AF0-AD16-6F86C2970937} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {862AC710-6295-4C6B-B83B-2938EE2A9D37} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-27] (SEC)
Task: {8A1BBE8C-1E44-4B8A-A53E-701EB3F4E3F8} - System32\Tasks\{346BA7DC-9478-4F4F-9B96-275B98889E53} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=12007
Task: {98FA8D44-ACA1-4F43-8596-65C4A8F7260C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: {AF96E162-47A7-4340-9B8F-3070E5530C05} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-24] (Intel Corporation)
Task: {B8DB5DDA-F177-4E30-9066-B632F198DB89} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-01] (Samsung Electronics Co., Ltd.)
Task: {C00EB348-4711-40C7-8C2E-C53E05010092} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-24] (Intel Corporation)
Task: {CF4946FE-E39E-4324-82E3-E77F8DCF42DF} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26] ()
Task: {D7F2E344-73A9-453E-9929-3B97259A8FA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {D9B66071-7298-45B1-A37E-34B057C5F722} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {E845D815-CCAD-4934-8244-3EFF1C42C54F} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {FF36C5C9-E53A-4F40-B73F-110BDC2072B8} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827809378-912741919-3246080145-1001UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) =============
2014-10-03 08:13 - 2014-10-03 08:13 - 00073728 _____ () C:\windows\SysWOW64\afasrv64.exe
2012-05-04 01:03 - 2012-02-07 20:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2011-04-26 14:23 - 2011-04-26 14:23 - 00223088 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2011-04-26 14:22 - 2011-04-26 14:22 - 00681840 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2012-05-04 02:24 - 2009-12-01 01:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-05-04 01:16 - 2012-02-13 00:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2014-10-03 08:13 - 2014-10-03 08:13 - 07374336 _____ () C:\Program Files (x86)\USIM Editor\iconcs307181.exe
2014-10-14 07:00 - 2014-10-14 07:00 - 00008192 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\ProxyResetOnKill.exe
2012-02-14 20:22 - 2012-01-05 03:24 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2011-06-16 21:39 - 2011-06-16 21:39 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2011-06-16 21:41 - 2011-06-16 21:41 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2011-06-16 21:40 - 2011-06-16 21:40 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2012-05-04 01:25 - 2012-02-07 20:00 - 00755280 _____ () C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll
2012-05-04 01:16 - 2006-08-11 21:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2012-05-04 01:16 - 2011-02-16 10:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2014-10-08 07:03 - 2014-10-08 07:03 - 00879104 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\platforms\qwindows.dll
2014-10-08 07:01 - 2014-10-08 07:01 - 00021504 _____ () C:\Users\Owner\AppData\Local\Obrona Block Ads\imageformats\qgif.dll
2012-09-21 20:32 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2012-09-21 20:32 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2012-05-04 01:24 - 2011-09-08 04:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-01 23:20 - 2009-11-01 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-01 23:23 - 2009-11-01 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-05-04 01:03 - 2012-02-07 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-15 17:40 - 2015-01-08 18:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\windows\System32:9F798C5A_Bb.gbp
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1827809378-912741919-3246080145-500 - Administrator - Disabled)
Guest (S-1-5-21-1827809378-912741919-3246080145-501 - Limited - Disabled)
Owner (S-1-5-21-1827809378-912741919-3246080145-1001 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-1827809378-912741919-3246080145-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/24/2015 02:17:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80166137
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 80166137
Error: (01/23/2015 10:05:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80165123
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 80165123
Error: (01/23/2015 10:05:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
Error: (01/22/2015 11:48:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (01/24/2015 02:17:10 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000024 (0x00000000001904fb, 0xfffff8800b677248, 0xfffff8800b676aa0, 0xfffff80003072190)C:\windows\MEMORY.DMP012415-27970-01
Error: (01/24/2015 02:17:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:14:16 AM on 1/24/2015 was unexpected.
Error: (01/19/2015 06:05:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.
Error: (01/19/2015 05:59:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/05/2015 00:34:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/27/2014 02:15:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :20" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:15:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:15:20 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{205A111B-88FA-4A80-93DD-185C11613E66} because another computer on the network has the same name. The server could not start.
Error: (12/27/2014 02:14:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :20" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Error: (12/27/2014 02:14:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.70 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 5923.54 MB
Available physical RAM: 3483.62 MB
Total Pagefile: 11845.26 MB
Available Pagefile: 8867.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:675.14 GB) (Free:575.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 10A444CC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=675.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.4 GB) - (Type=27)
==================== End Of Log ============================