Document format: text/plain


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by NET1 (08-09-2017 23:33:16)
Running from C:\Users\NET1\Desktop\rapports\applications
Windows 7 Ultimate (X64) (2012-07-27 06:57:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1113787428-1424384801-3093382837-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1113787428-1424384801-3093382837-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1113787428-1424384801-3093382837-1002 - Limited - Enabled)
NET1 (S-1-5-21-1113787428-1424384801-3093382837-1000 - Administrator - Enabled) => C:\Users\NET1
Sashka (S-1-5-21-1113787428-1424384801-3093382837-1003 - Limited - Enabled) => C:\Users\Sashka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Disabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1113787428-1424384801-3093382837-1000\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Bulgarian (HKLM-x32\...\{AC76BA86-7AD7-1026-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
AVG (HKLM\...\{BA40B3B4-7707-437E-84FF-8C18BE5AD9B6}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.7.0.199 - AVG Technologies)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2013 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Détection de l'application Winamp (HKU\S-1-5-21-1113787428-1424384801-3093382837-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
DisplayLink Core Software (HKLM\...\{E1CD90F5-0972-45C7-A450-7ACF9EF6FB28}) (Version: 4.5.13507.0 - DisplayLink Corp.)
DocBackupAP (HKLM-x32\...\DocBackupAP) (Version: - )
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FMW 1 (HKLM\...\{F64508FE-73C8-4C27-9CCA-3799C428B70B}) (Version: 1.223.1 - AVG Technologies) Hidden
GLOBUL Connection Manager (HKLM-x32\...\GLOBUL Connection Manager) (Version: 21.005.15.02.250 - Huawei Technologies Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.10.0 - Intel)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301036}) (Version: 7.02.9753 - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Mechanic 5 (HKLM-x32\...\{DE924CF0-B8BB-42BA-BDA0-14535F79DF3F}) (Version: 5.0 - Camera Bits, Inc)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PowerDirector (HKLM\...\{E8C64028-08E5-4BF0-B1C0-DBAAC6A77DF1}) (Version: 9.00.0000 - CyberLink Corp.) Hidden
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
SEDREAP (HKLM-x32\...\SEDREAP) (Version: - )
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.08060 - Sony Corporation)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.30 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM-x32\...\InstallShield_{607398CF-354B-4E21-B1BC-549424BFD04C}) (Version: 2.00.0003 - Texas Instruments Inc.)
TIPCI (HKLM-x32\...\{607398CF-354B-4E21-B1BC-549424BFD04C}) (Version: 2.00.0003 - Texas Instruments Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VAIO Power Management (HKLM-x32\...\{802889F8-6AF5-45A5-9764-CA5B999E50FC}) (Version: 2.5.0.06250 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.6 - Nullsoft, Inc)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\256CD808BFEEBAFFBD9071CA2C9D2D633E524FC9) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows Driver Package - Qualcomm (qcusbnet) Net (07/29/2011 1.0.6.5) (HKLM\...\2F53F0A0FCEDAFD3CCCB1439CAAE0738B4BAFBFB) (Version: 07/29/2011 1.0.6.5 - Qualcomm)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Modem (07/29/2011 2.0.8.7) (HKLM\...\6BF6A4AE61C76DD6CBA31ACB5852032BA320D4E4) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Ports (07/29/2011 2.0.8.7) (HKLM\...\05D0DACD8686BF30FA10AEAD80D777AEDC6B2562) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 4.01 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1-x32: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-05-14] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2009-07-18] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-05-14] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DBE3C95-E818-483B-A9E2-487D29A3A768} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1DD0AAE6-3B25-486E-B8AB-916CD8A0ED40} - System32\Tasks\{93E04AFC-FF5C-4101-8B84-31F821A96001} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.59.106/bg/abandoninstall?page=tsProgressBar
Task: {2CF589E0-9EDA-4B17-89BB-D21D3BC7869F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {4A2EE873-885B-409D-A114-86993F0496A0} - \{00D4F15A-7480-4CBC-B9B8-20BFDD373142} -> No File <==== ATTENTION
Task: {4B8E1884-2CDB-46CD-937A-C3776EE5191C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6435A999-ABE9-4732-8C2E-61C40B525D15} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {70672D03-8783-4D57-B0ED-D5574B052462} - System32\Tasks\AdobeAAMUpdater-1.0-NET1-PC-NET1 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {8946A4CD-059C-42A3-A78B-14290E72C25D} - System32\Tasks\{D970188C-77E1-4648-B290-BE350B718D07} => C:\Windows\system32\pcalua.exe -a "C:\Users\NET1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K7LN5DEV\RIDMSC-15669200-US.EXE" -d C:\Users\NET1\Desktop
Task: {936F5149-BC06-4957-8F6B-B4A75D22D9A5} - System32\Tasks\{8329C2B8-BF2F-402A-AD0A-23C5513783EC} => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/bg/abandoninstall?page=tsProgressBar
Task: {9F9D896E-546F-4D33-962D-6EEE76E46FB3} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {ABB8189B-510C-4662-90E7-C49BB442CCC1} - System32\Tasks\{778873EC-6AC6-487E-8EE4-51C138E5C60D} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.259&LastError=12007
Task: {ABD1E9CC-EAFB-4C54-A5A3-EFAD2556880A} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {BE3486A2-A857-4246-B3D4-5F31359E9691} - System32\Tasks\{E4F3E25E-B35B-461E-B279-B7E3FB8E0675} => C:\Windows\system32\pcalua.exe -a C:\Users\NET1\Downloads\out_xf.exe -d C:\Users\NET1\Downloads
Task: {BFD838E9-3B15-4109-A549-B1BA48B2A553} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D2AB85AA-4770-4FD1-AF49-885DB34436C2} - System32\Tasks\{12CC3C38-A3A6-45D3-84D2-AF2274011541} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {F2D7F7EB-18FA-41F1-B1EB-034CA9FB1DF1} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-14] (AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\NET1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\NET1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2012-07-27 16:33 - 2012-07-27 16:32 - 000655712 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe
2011-03-14 17:27 - 2011-03-14 17:27 - 000346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-01-04 01:02 - 2015-01-04 01:02 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-04 01:02 - 2015-01-04 01:02 - 000107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-21 01:17 - 2009-04-17 18:01 - 000247152 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2017-09-03 18:32 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-09-03 18:32 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2016-11-28 16:23 - 2016-11-28 16:22 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-05-14 13:55 - 2017-05-14 13:55 - 000171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-14 13:56 - 2017-05-14 13:56 - 000999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-14 13:56 - 2017-05-14 13:56 - 067717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-05-14 13:56 - 2017-05-14 13:56 - 000178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-14 13:56 - 2017-05-14 13:56 - 000224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-14 13:56 - 2017-05-14 13:56 - 000685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 000011362 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\mingwm10.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 000043008 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 002415104 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\QtCore4.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 001148416 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\QtNetwork4.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 000835072 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\QueryStrategy.dll
2012-07-27 16:33 - 2012-07-27 16:32 - 000398336 _____ () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\QtXml4.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1113787428-1424384801-3093382837-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NET1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AFDAEDE3-F2FE-4790-B8ED-0F430E4A84B0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{DA58DDA2-6D92-4D08-A01F-BDB682AEBFC1}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{091DDD6A-550C-4328-92BD-E0911F976C98}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{AEA72919-0023-4BD9-AC4F-2963C6938C7F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{1D9BA706-1E7C-4B5E-B768-067AB9178814}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{C4FB5A05-5B37-49FC-9DD1-775A52155929}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{D8A78983-1403-4DCC-9B2B-61D053D2B35A}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{A99E69CF-7DC2-40FB-BF60-EAF9CA893B43}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{12B58913-ABE9-4203-A0CF-42EE389F3B63}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{AAF78E35-F0F0-4E6B-A997-3EA67D0733C0}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{E0894C84-9602-4CEA-B0D5-FB7AA32B7175}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{07A3D418-54BC-47C7-8C9E-922E5D9019BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AD7ECBA-D521-4BDA-AE63-C88E7E3D52FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF8B5751-22B9-42AE-BB1C-F490FB5134CF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{042B5DF7-8308-490F-AC5E-DB2AD0E0E63D}C:\users\sashka\downloads\sky38i.exe] => (Allow) C:\users\sashka\downloads\sky38i.exe
FirewallRules: [UDP Query User{F3CB32C0-19FC-4915-9367-5B4BD780A346}C:\users\sashka\downloads\sky38i.exe] => (Allow) C:\users\sashka\downloads\sky38i.exe
FirewallRules: [{2F92FB09-7C0C-40BE-8C7B-5EEF71C3B141}] => (Allow) C:\Users\Sashka\Downloads\Sky38i.exe
FirewallRules: [{2AB31C8F-16DC-4B2B-9B8D-DEE9BFAD61DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2017 09:44:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FRST64.exe, version: 20.8.2017.0, time stamp: 0x5998aed0
Faulting module name: FRST64.exe, version: 20.8.2017.0, time stamp: 0x5998aed0
Exception code: 0xc0000005
Fault offset: 0x0000000000026754
Faulting process id: 0xe10
Faulting application start time: 0x01d3281101321156
Faulting application path: C:\Users\NET1\Desktop\rapports\applications\FRST64.exe
Faulting module path: C:\Users\NET1\Desktop\rapports\applications\FRST64.exe
Report Id: ffcd7762-9404-11e7-a84c-816152e6e6ff

Error: (09/02/2017 11:36:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.1169, time stamp: 0x5997224a
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x594d4411
Exception code: 0xc0000005
Fault offset: 0x001a9fd6
Faulting process id: 0x6e4
Faulting application start time: 0x01d324336753f671
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: bc29ea18-9026-11e7-8e0c-f3a65505c7c4

Error: (04/07/2017 06:37:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/07/2017 06:37:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/07/2017 11:14:11 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/07/2017 11:14:11 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/06/2017 06:52:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/06/2017 06:52:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/05/2017 05:41:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/05/2017 05:41:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (09/08/2017 10:59:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (09/08/2017 10:56:11 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.81, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (09/08/2017 10:56:01 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (09/08/2017 10:52:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (09/08/2017 10:52:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

Error: (09/08/2017 10:52:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Network Location Awareness service hung on starting.

Error: (09/08/2017 10:51:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
dlkmdldr

Error: (09/08/2017 10:51:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Internet Connection Sharing (ICS) service hung on starting.

Error: (09/08/2017 10:51:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Network Location Awareness service hung on starting.

Error: (09/08/2017 10:48:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GLOBUL Connection Manager. OUC service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 50%
Total physical RAM: 4092.98 MB
Available physical RAM: 2026.96 MB
Total Virtual: 8184.11 MB
Available Virtual: 6111.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:41.52 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:139.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: ECFA3D9E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
