Logi - prosze o sprawdzenie

Wszystko co dotyczy bezpieczeństwa systemów oraz walki z malware, w szczególności analiza logów
Julek1

Użytkownik
Posty: 1
Rejestracja: 29 sty 2017, 21:32

Logi - prosze o sprawdzenie

Post29 sty 2017, 21:43

Witam,
laptopik swoje przeżył, a system razem z nim. Muli, zwłaszcza po włączeniu i lubi się restartować od czasu do czasu.
Proszę o sprawdzenie :) i z góry dziękuję
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017
Ran by Julie (administrator) on JULIE-PC (29-01-2017 21:41:25)
Running from C:\Users\Julie\Documents\Downloads
Loaded Profiles: Julie (Available Profiles: Julie)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: Dostępne tylko dla zarejestrowanych użytkowników

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-18] (AVAST Software)
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {06cb7acf-2c01-11e2-855e-001377f37a30} - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {31c3ec77-abeb-11e2-80e7-001377f37a30} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {404c40aa-ec1b-11e4-8a42-001377f37a30} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {41066c65-1920-11e2-80d5-001377f37a30} - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {41066c77-1920-11e2-80d5-001377f37a30} - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {7853f1df-3621-11e2-8027-001377f37a30} - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {aed7a2ef-1a9c-11e2-8039-001377f37a30} - G:\AutoRun.exe
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\MountPoints2: {b9ba9f95-3f26-11e4-b6e3-001377f37a30} - G:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: c:\progra~2\browse~1\261070~1.41\{c16c1~1\browse~1.dll => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD726262-7D30-4E4E-A24B-0963994C24B8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
SearchScopes: HKU\S-1-5-21-205321054-2532699342-3797739094-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=118716&tt=0313_3&babsrc=SP_ss&mntrId=b07b71df0000000000000024d24108c6
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
Toolbar: HKU\S-1-5-21-205321054-2532699342-3797739094-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF DefaultProfile: rxtcx11a.default-1424091113984
FF ProfilePath: C:\Users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\rxtcx11a.default-1424091113984 [2016-05-03]
FF HKLM\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\Julie\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF Extension: (Smiley Bar for Facebook) - C:\Users\Julie\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013-01-15] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-12]
FF HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\Julie\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-12-10] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-205321054-2532699342-3797739094-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Julie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.babylon.com/?affID=118716 ... 24d24108c6
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=118716&tt=0313_3&babsrc=HP_ss&mntrId=b07b71df0000000000000024d24108c6","hxxp://aboutblank/"
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default [2017-01-29]
CHR Extension: (Google Drive) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Anvi Ad Blocker) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmdncfkfmmfilkajiagdnacfcjilbljn [2014-06-27]
CHR Extension: (Google Search) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (busuu.com) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2014-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2014-01-06]
CHR Extension: (AdBlock) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-29]
CHR Extension: (Who Viewed My Facebook Profile?) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpmneeaagjaicfmnkopjibgmbfdihde [2014-02-23]
CHR Extension: (Anvi AdBlock) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppcbdfilodknoglpjofcnebiggbdflo [2014-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-29]
CHR Extension: (Gmail) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Julie\AppData\Roaming\StatusWinks\statuswinks.crx [2012-11-05]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-10-19]
CHR HKLM\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-10-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [133632 2012-07-25] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [94208 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe -service [X]
S2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [X]
S2 NAUpdate; "C:\Program Files\Nero\Update\NASvc.exe" [X]
S2 Update Deal Keeper; "C:\Program Files\Deal Keeper\updateDealKeeper.exe" [X]
S2 Util Deal Keeper; "C:\Program Files\Deal Keeper\bin\utilDealKeeper.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-10-18] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2010-12-23] (Samsung Electronics) [File not signed]
R3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation) [File not signed]
S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw.sys [52880 2014-08-06] (StdLib)
S3 ALSysIO; \??\C:\Users\Julie\AppData\Local\Temp\ALSysIO.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-29 21:41 - 2017-01-29 21:41 - 00000000 ____D C:\FRST
2016-12-31 15:40 - 2016-12-31 15:40 - 00000000 ___RD C:\Users\Julie\Favorites
2016-12-31 15:14 - 2016-12-31 15:14 - 00000174 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-31 15:14 - 2016-12-31 15:14 - 00000000 __RHD C:\Users\Public\Desktop

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-29 21:26 - 2010-11-20 22:01 - 00875564 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-29 21:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-01-29 21:20 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-31 15:41 - 2016-12-19 20:56 - 01633663 ____H C:\Users\Julie\AppData\Local\IconCache.db
2016-12-31 15:40 - 2012-10-18 08:13 - 00000000 ___RD C:\Users\Julie\Desktop
2016-12-31 15:40 - 2012-10-18 08:13 - 00000000 ____D C:\Users\Julie
2016-12-31 15:18 - 2013-11-26 20:36 - 00000000 ____D C:\Users\Julie\AppData\Roaming\ViberPC
2016-12-31 15:17 - 2012-10-18 08:25 - 00000000 __SHD C:\Windows\Installer
2016-12-31 15:16 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files
2016-12-31 15:15 - 2012-10-18 16:55 - 00000000 __SHD C:\System Volume Information
2016-12-31 15:14 - 2016-12-18 23:06 - 00000000 ___RD C:\Users\Public
2016-12-31 15:13 - 2012-10-18 16:56 - 00000000 ____D C:\Windows\Prefetch
2016-12-31 15:13 - 2012-10-18 08:13 - 00000000 ___RD C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 15:13 - 2012-10-18 08:13 - 00000000 ____D C:\Users\Julie\AppData\Roaming
2016-12-31 15:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Tasks

==================== Files in the root of some directories =======

2016-12-18 21:21 - 2016-12-18 21:21 - 7680000 _____ () C:\Program Files\GUT819E.tmp
2013-04-29 23:05 - 2013-11-24 19:38 - 0003584 _____ () C:\Users\Julie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-01 17:01 - 2013-02-13 17:52 - 0000088 __RSH () C:\ProgramData\A0D8531A03.sys
2013-02-01 17:01 - 2013-02-13 17:54 - 0003140 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
2013-01-28 23:20 - 2013-01-28 23:20 - 0248008 _____ (Ask.com) C:\Users\Julie\AppData\Local\Temp\AskSLib.dll
2012-10-18 10:54 - 2012-10-18 10:55 - 2832992 _____ () C:\Users\Julie\AppData\Local\Temp\AVG.exe
2013-12-27 23:26 - 2013-12-27 23:26 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit13FD.tmp.exe
2014-01-13 17:34 - 2014-01-13 17:34 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit157F.tmp.exe
2015-06-04 17:01 - 2015-06-04 17:01 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit16E3.tmp.exe
2014-11-14 23:36 - 2014-11-14 23:36 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit24F9.tmp.exe
2014-07-26 09:40 - 2014-07-26 09:40 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit2683.tmp.exe
2015-05-16 21:51 - 2015-05-16 21:51 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit2F00.tmp.exe
2015-01-05 23:56 - 2015-01-05 23:56 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3051.tmp.exe
2013-05-02 16:53 - 2013-05-02 16:53 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3365.tmp.exe
2015-05-09 21:25 - 2015-05-09 21:26 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3CD8.tmp.exe
2015-02-04 21:23 - 2015-02-04 21:23 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3E9E.tmp.exe
2013-08-26 17:55 - 2013-08-26 17:55 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3F05.tmp.exe
2014-04-05 22:58 - 2014-04-05 22:58 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit3F12.tmp.exe
2014-05-03 10:55 - 2014-05-03 10:55 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit407A.tmp.exe
2014-07-21 18:30 - 2014-07-21 18:30 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4165.tmp.exe
2015-03-23 20:15 - 2015-03-23 20:15 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4572.tmp.exe
2015-01-24 22:13 - 2015-01-24 22:13 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4887.tmp.exe
2015-07-09 21:52 - 2015-07-09 21:52 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4C0.tmp.exe
2014-01-06 00:44 - 2014-01-06 00:44 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4C5B.tmp.exe
2015-06-30 18:44 - 2015-06-30 18:44 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit4C82.tmp.exe
2014-12-21 18:20 - 2014-12-21 18:20 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit514D.tmp.exe
2014-09-04 18:53 - 2014-09-04 18:53 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit529D.tmp.exe
2014-09-28 10:05 - 2014-09-28 10:05 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit52E9.tmp.exe
2015-04-21 22:17 - 2015-04-21 22:17 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit53CE.tmp.exe
2013-09-23 19:27 - 2013-09-23 19:27 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit5489.tmp.exe
2013-08-18 22:06 - 2013-08-18 22:06 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit581E.tmp.exe
2014-09-18 20:42 - 2014-09-18 20:42 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit59AC.tmp.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit5E8D.tmp.exe
2013-06-02 19:36 - 2013-06-02 19:36 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit5EEB.tmp.exe
2014-08-24 10:40 - 2014-08-24 10:40 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit5F76.tmp.exe
2015-04-30 22:37 - 2015-04-30 22:37 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit69CE.tmp.exe
2014-05-15 10:13 - 2014-05-15 10:13 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit6CA8.tmp.exe
2014-03-08 21:36 - 2014-03-08 21:36 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit6CB1.tmp.exe
2015-03-13 23:45 - 2015-03-13 23:45 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit6CB5.tmp.exe
2014-10-21 15:08 - 2014-10-21 15:08 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit723A.tmp.exe
2014-04-17 08:20 - 2014-04-17 08:20 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit7355.tmp.exe
2014-07-15 19:36 - 2014-07-15 19:36 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit777C.tmp.exe
2013-08-30 23:29 - 2013-08-30 23:29 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit7899.tmp.exe
2013-10-05 20:03 - 2013-10-05 20:03 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit7913.tmp.exe
2013-06-28 18:29 - 2013-06-28 18:29 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit7AC9.tmp.exe
2013-12-13 16:32 - 2013-12-13 16:32 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit8132.tmp.exe
2014-12-14 14:13 - 2014-12-14 14:13 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit813F.tmp.exe
2015-02-23 12:55 - 2015-02-23 12:55 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit82B2.tmp.exe
2013-06-14 23:39 - 2013-06-14 23:39 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit87B2.tmp.exe
2014-02-09 10:48 - 2014-02-09 10:48 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit941A.tmp.exe
2014-05-07 21:38 - 2014-05-07 21:38 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit9986.tmp.exe
2015-08-09 21:33 - 2015-08-09 21:33 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\Bit9BA6.tmp.exe
2014-03-31 20:48 - 2014-03-31 20:48 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitA34C.tmp.exe
2013-05-12 17:17 - 2013-05-12 17:17 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitA4CD.tmp.exe
2014-08-14 19:55 - 2014-08-14 19:55 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitA556.tmp.exe
2014-08-04 20:00 - 2014-08-04 20:00 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitA878.tmp.exe
2015-06-16 19:55 - 2015-06-16 19:55 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAA02.tmp.exe
2015-01-21 20:36 - 2015-01-21 20:36 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAA5F.tmp.exe
2015-08-09 17:39 - 2015-08-09 17:39 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAAA0.tmp.exe
2013-11-10 18:11 - 2013-11-10 18:11 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAAFE.tmp.exe
2014-09-17 20:16 - 2014-09-17 20:16 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAB27.tmp.exe
2014-01-20 19:16 - 2014-01-20 19:16 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAC47.tmp.exe
2014-03-16 11:49 - 2014-03-16 11:49 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAC6.tmp.exe
2014-10-07 16:57 - 2014-10-07 16:57 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitAD00.tmp.exe
2015-01-01 23:06 - 2015-01-01 23:06 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitB086.tmp.exe
2013-10-15 19:01 - 2013-10-15 19:01 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitB345.tmp.exe
2013-08-10 15:39 - 2013-08-10 15:39 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitB5B.tmp.exe
2015-05-25 22:23 - 2015-05-25 22:23 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitB939.tmp.exe
2014-11-22 22:24 - 2014-11-22 22:24 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitBB23.tmp.exe
2014-03-24 10:59 - 2014-03-24 10:59 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitBC60.tmp.exe
2014-05-23 17:34 - 2014-05-23 17:34 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitC520.tmp.exe
2014-11-30 20:47 - 2014-11-30 20:47 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitC5DF.tmp.exe
2013-05-04 20:37 - 2013-05-04 20:37 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitCB12.tmp.exe
2014-02-01 16:45 - 2014-02-01 16:45 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitCB6C.tmp.exe
2015-03-04 21:47 - 2015-03-04 21:47 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitCB9E.tmp.exe
2013-11-17 22:14 - 2013-11-17 22:14 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitCC12.tmp.exe
2014-11-05 19:46 - 2014-11-05 19:46 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitD11D.tmp.exe
2014-06-11 19:38 - 2014-06-11 19:38 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitD1C6.tmp.exe
2014-04-25 20:37 - 2014-04-25 20:37 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitD4F7.tmp.exe
2014-05-27 20:30 - 2014-05-27 20:30 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitD5B2.tmp.exe
2013-11-28 18:27 - 2013-11-28 18:27 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitD78F.tmp.exe
2013-09-24 19:50 - 2013-09-24 19:50 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitDD1C.tmp.exe
2013-10-23 19:54 - 2013-10-23 19:54 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitDE78.tmp.exe
2015-07-27 22:02 - 2015-07-27 22:02 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitE03E.tmp.exe
2014-06-29 18:48 - 2014-06-29 18:48 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitE3AD.tmp.exe
2015-06-05 20:45 - 2015-06-05 20:45 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitE45A.tmp.exe
2014-01-21 19:31 - 2014-01-21 19:31 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitE4C3.tmp.exe
2013-09-16 10:26 - 2013-09-16 10:26 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitEC04.tmp.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitEDB.tmp.exe
2013-09-07 18:43 - 2013-09-07 18:43 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitF230.tmp.exe
2015-01-13 22:04 - 2015-01-13 22:04 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitF6E0.tmp.exe
2015-04-12 21:39 - 2015-04-12 21:39 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitF7F9.tmp.exe
2015-07-19 19:49 - 2015-07-19 19:49 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitFAF3.tmp.exe
2014-06-03 22:07 - 2014-06-03 22:07 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitFBCF.tmp.exe
2013-11-02 00:08 - 2013-11-02 00:08 - 9526184 _____ () C:\Users\Julie\AppData\Local\Temp\BitFFE.tmp.exe
2012-10-18 10:07 - 2012-10-18 10:07 - 0069632 _____ () C:\Users\Julie\AppData\Local\Temp\ConResEn.dll
2015-12-06 14:33 - 2015-12-06 14:33 - 0071168 _____ () C:\Users\Julie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgierdd.dll
2015-12-12 10:55 - 2015-12-12 10:55 - 0071168 _____ () C:\Users\Julie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppas44l.dll
2013-10-07 20:35 - 2013-10-07 20:35 - 0027136 _____ () C:\Users\Julie\AppData\Local\Temp\e1fcjtfi.dll
2013-02-12 22:24 - 2013-02-12 22:24 - 16472944 _____ (Adobe Systems Incorporated) C:\Users\Julie\AppData\Local\Temp\fp_pl_pfs_installer.exe
2012-10-19 09:15 - 2012-10-18 10:55 - 0894920 _____ (AVG Technologies) C:\Users\Julie\AppData\Local\Temp\GenericWndApi.dll
2014-08-07 20:34 - 2016-02-07 18:14 - 0030720 _____ (Irfan Skiljan, IrfanView) C:\Users\Julie\AppData\Local\Temp\iv_uninstall.exe
2014-07-02 17:08 - 2014-07-02 17:08 - 0921512 _____ (Oracle Corporation) C:\Users\Julie\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
2015-03-09 17:25 - 2015-03-09 17:25 - 0561576 _____ (Oracle Corporation) C:\Users\Julie\AppData\Local\Temp\jre-8u40-windows-au.exe
2015-05-01 00:37 - 2015-05-01 00:37 - 0562272 _____ (Oracle Corporation) C:\Users\Julie\AppData\Local\Temp\jre-8u45-windows-au.exe
2015-06-12 23:21 - 2015-06-12 23:21 - 0563808 _____ (Oracle Corporation) C:\Users\Julie\AppData\Local\Temp\jre-8u51-windows-au.exe
2010-03-16 03:11 - 2010-03-16 03:11 - 0149352 ____R (Microsoft Corporation) C:\Users\Julie\AppData\Local\Temp\ose00000.exe
2012-10-19 07:21 - 2012-10-19 07:21 - 2962432 _____ (SweetIM Technologies Lt) C:\Users\Julie\AppData\Local\Temp\SIMEEI2Installer.exe
2012-10-19 07:22 - 2012-10-19 07:22 - 3380216 _____ (SweetIM Technologies Lt) C:\Users\Julie\AppData\Local\Temp\SIMEEIInstaller.exe
2013-06-19 13:31 - 2016-07-13 19:47 - 40312832 _____ (Skype Technologies S.A.) C:\Users\Julie\AppData\Local\Temp\SkypeSetup.exe
2012-11-03 18:42 - 2013-08-04 21:04 - 0107293 _____ () C:\Users\Julie\AppData\Local\Temp\t.dll
2014-11-19 19:10 - 2007-11-29 18:05 - 0501024 _____ (Corel Corporation) C:\Users\Julie\AppData\Local\Temp\Uninst.exe
2013-01-15 16:41 - 2013-01-15 16:43 - 0378008 _____ (Babylon Ltd.) C:\Users\Julie\AppData\Local\Temp\uninst1.exe
2012-10-19 09:15 - 2012-10-18 10:55 - 0922056 _____ () C:\Users\Julie\AppData\Local\Temp\UNINSTALL.EXE
2012-01-26 14:03 - 2012-01-26 14:03 - 1821192 _____ (Microsoft Corporation) C:\Users\Julie\AppData\Local\Temp\vcredist_x86.exe
2013-01-08 02:20 - 2013-01-08 02:21 - 22912657 _____ () C:\Users\Julie\AppData\Local\Temp\vlc-2.0.4-win32.exe
2012-10-19 07:22 - 2012-10-19 07:22 - 22617148 _____ () C:\Users\Julie\AppData\Local\Temp\WhiteLabelSetup.exe
2012-11-02 10:08 - 2012-11-02 10:08 - 0118784 _____ () C:\Users\Julie\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-18 23:25

==================== End of FRST.txt ============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2017
Ran by Julie (29-01-2017 21:42:39)
Running from C:\Users\Julie\Documents\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2012-10-18 07:12:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-205321054-2532699342-3797739094-500 - Administrator - Disabled)
Guest (S-1-5-21-205321054-2532699342-3797739094-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-205321054-2532699342-3797739094-1007 - Limited - Enabled)
Julie (S-1-5-21-205321054-2532699342-3797739094-1000 - Administrator - Enabled) => C:\Users\Julie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ALLPlayer V5.X (HKLM\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.)
Avast Free Antivirus (HKLM\...\avast) (Version: 12.3.2280 - AVAST Software)
Blend for Visual Studio 2012 (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
K-Lite Mega Codec Pack 9.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
LocalESPC (Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware wersja 1.70.0.1100 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{D9DA2981-3298-4F1A-9192-F2CF5BD91145}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Premium - ENU (HKLM\...\Microsoft Visual Studio 2010 Premium - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{1F4DF099-EA5C-482D-9901-C0A8B539B417}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
Nero 2014 (HKLM\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG)
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
Oracle VM VirtualBox 4.2.0 (HKLM\...\{B1EFA7FE-13DF-4BEF-9A40-7FF5569BB984}) (Version: 4.2.0 - Oracle Corporation)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
Prerequisites for SSDT (HKLM\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5923 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.00.62.00 - Samsung Electronics Co., Ltd.)
Samsung ML-1670 Series (HKLM\...\Samsung ML-1670 Series) (Version: - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden
Viber (HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Watchtower Library 2012 - wydanie polskie (HKLM\...\{111DF68E-FB48-4D1B-825E-B2561B499AC6}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Julie\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Julie\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Julie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CC2217C-F468-4A39-87E9-AF3D663D5D2E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-205321054-2532699342-3797739094-1000UA => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-15] (Facebook Inc.)
Task: {24942337-94C2-495B-B6AC-FCE52CB46307} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe
Task: {28B70E2B-2022-421B-8E05-879FE7656579} - System32\Tasks\{06576BC7-F363-4884-9F8F-F89A15ACBE4D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.64.102/en/ ... rogressBar
Task: {4D2EDAC1-3CB9-4FA5-9C67-B0E9A8BEFEFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)
Task: {7E40D40B-8ACB-47AE-9D4E-C08DD9B0AEA2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-30] (AVAST Software)
Task: {B8F526FC-E93F-43ED-9803-BC0BB57E6D4C} - System32\Tasks\ASP => C:\Program Files\RCP\systweakasp.exe
Task: {BDF77398-FD93-4CB8-A3EF-5824E5DEC65E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-29] (AVAST Software)
Task: {C4B7EABF-A34B-4A18-AA91-3D92FF6C846F} - System32\Tasks\AdobeAAMUpdater-1.0-Julie-PC-Julie => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {C8A8628C-3B5B-4551-B2A4-E498970EA22F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)
Task: {FA5E6AE7-54E9-4BE3-A7BD-8DC7DCAE763E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-205321054-2532699342-3797739094-1000Core => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-15] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-205321054-2532699342-3797739094-1000Core.job => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-205321054-2532699342-3797739094-1000UA.job => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-08-30 00:16 - 2016-08-30 00:16 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-30 00:16 - 2016-08-30 00:16 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-29 21:23 - 2017-01-29 21:23 - 04377600 _____ () C:\Program Files\AVAST Software\Avast\defs\17012901\algo.dll
2012-10-31 20:07 - 2011-01-27 09:33 - 00026624 _____ () C:\Windows\System32\ssb7mlm.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2016-07-12 11:41 - 2016-07-12 11:41 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-18 22:27 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-18 22:27 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-18 22:18 - 2016-12-18 22:18 - 17833560 _____ () C:\Users\Julie\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2013-10-24 13:21 - 00001755 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-205321054-2532699342-3797739094-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Julie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: ROC_ROC_NT => "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1D9C750E-A5A9-4F98-A945-B6BC2C284283}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CFF7FA6F-93CE-46F5-8AA0-0C828F844FF5}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{EA6F5E97-CD0C-43AA-BC43-CA09225B292A}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{C2A5932C-8042-44CA-9A55-EBC07D003245}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{1BD8CED9-1901-41C0-ADE5-4C7F83ED7A2B}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{65D1F4CC-924D-4B13-AB7F-3C368CEF3942}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{4FF4EF01-9B90-4741-9896-2E6B74E03D19}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [TCP Query User{2E094C01-6DDA-47FE-AD82-8502EBED82EF}C:\program files\winamp\winamp.exe] => C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{AA4C89C3-C2FA-4DDA-947F-29BC98DA0687}C:\program files\winamp\winamp.exe] => C:\program files\winamp\winamp.exe
FirewallRules: [{D353F6DC-243D-4100-A72C-57810CA52445}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{722C47A5-E122-4222-AB70-F69509F5D66A}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2EA51C1E-D1C3-4798-A028-8FE10C2A0175}] => C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{B221FB6F-7AE3-447B-9918-0F6FE142D88D}] => C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{DF93CE8C-B31A-46C5-BEAC-3BA49E246913}] => C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{89AFA028-A2B5-4E4F-970E-10763395F2F0}] => C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{B74042AE-27EE-43F0-8EE2-D2937D42F282}] => C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{6AAE93E6-B658-4520-B8CD-93B110EFE284}] => C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3C86DB9C-BA93-4E2F-881B-71443FE14744}] => C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{48857B50-704E-4433-B4EC-1FD7D1ED3D0D}] => C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{85F52ECF-59C6-48B2-9C35-10D406F38ECF}] => LPort=14962
FirewallRules: [{D60F446C-A8B8-497F-890E-9603AD72ECF4}] => LPort=14962
FirewallRules: [{EE9812B7-1EFE-44CA-84F0-6F04D72BA053}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{4C79ABC2-232E-4FF5-9DC3-A5A5640CE1FA}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{07F825DF-0EF3-44E1-A0FB-5D6238D0CEEE}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{998B0000-DDA6-43D8-AF1A-72D95F27BE53}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{07E862E3-14A0-4A3B-9BBC-DA51F3FB6F88}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{FCE6D9FD-1B70-4688-B583-3DEF2F7F02A0}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{CE9703A3-54E8-458F-A0D0-EF261CA01585}] => C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{594499FD-1D69-4222-95A1-C91B2C86DDB2}C:\program files\ea sports\fifa 11\game\fifa.exe] => C:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [UDP Query User{7CA44E1D-277A-46B1-9C11-BD9CD5EF09E9}C:\program files\ea sports\fifa 11\game\fifa.exe] => C:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [{24EAF164-5E0C-4EBA-9CC5-8508FDFA33C8}] => C:\Users\Julie\AppData\Local\Viber\Viber.exe
FirewallRules: [{498D76D9-CBE5-43C2-95F3-0510CDE02A7E}] => C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [{DC920E6E-D2C1-490D-AF17-8239C8CBE93A}] => C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [{BB4F8F7A-5255-4E28-AB99-3F04F1834205}] => C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7F810BE9-DEC9-4171-B051-0F16E2A927B8}] => C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{408F59DF-8A32-42B2-B108-CACA50D12AEF}] => C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{9E941283-E166-4D47-A2BA-B9BCE9367737}] => C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{EFFC5CD6-0FB6-4DBB-A603-4D1B74ECA52F}] => C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CA9A8CB0-10B7-424D-8629-D22AAC36D11A}] => C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FF18713-6864-4D62-9BC7-BD15D9DEE26C}] => C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6186E4DE-F9DF-4798-93FF-D13AF3B16932}] => C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{571BB871-42C4-4492-AB3C-6C6819DD4354}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{EEAF8C42-5DA5-48CB-8112-8AA3AA0AFF10}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{9268CF6A-D8C4-49A5-B1F3-00ABDCF8EC69}] => LPort=14962
FirewallRules: [{57107DBC-829E-41A8-B945-D54DCBAD814A}] => LPort=14962
FirewallRules: [TCP Query User{1779DD9E-55A1-47DE-9FCA-EA435D15785D}C:\program files\winamp\winamp.exe] => C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{A3087D46-35B0-48EC-B084-CF893DEF66F4}C:\program files\winamp\winamp.exe] => C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{A8C60191-7E9B-4C5B-856B-D652A8375946}C:\program files\ea sports\fifa 11\game\fifa.exe] => C:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [UDP Query User{DB7D57AE-8246-41F5-B62B-1F69C59A6593}C:\program files\ea sports\fifa 11\game\fifa.exe] => C:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [TCP Query User{AE335177-0D84-4A19-A22F-189318719F09}F:\easysetupassistant\easysetupassistant.exe] => F:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{1F9EC6AC-8D1B-43FE-A623-4927860EBF82}F:\easysetupassistant\easysetupassistant.exe] => F:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{1577AA63-BC05-4C1C-8CAD-68F757AC19EA}] => C:\Users\Julie\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{32BDE1F2-CD43-40B5-971A-E24489B9F126}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A1443AE2-6552-41FE-8369-2381D843C61E}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{77055F94-1A11-45CC-A5B3-AA562CA4A387}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{AA8F4E09-0307-46C0-BD41-79226956E81E}F:\cfg\ieembed.exe] => F:\cfg\ieembed.exe
FirewallRules: [UDP Query User{515834DC-B644-4D98-B01A-A08C9CF99737}F:\cfg\ieembed.exe] => F:\cfg\ieembed.exe
FirewallRules: [{C3D856D3-F352-423B-8257-1552873FC3FE}] => C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-07-2016 11:01:32 Scheduled Checkpoint
06-08-2016 11:46:51 Scheduled Checkpoint
17-08-2016 14:52:15 Scheduled Checkpoint
24-08-2016 14:56:03 Scheduled Checkpoint
01-09-2016 09:13:31 Scheduled Checkpoint
14-09-2016 12:18:46 Scheduled Checkpoint
21-09-2016 17:15:27 Scheduled Checkpoint
02-10-2016 17:29:11 Scheduled Checkpoint
11-10-2016 20:55:47 Scheduled Checkpoint
19-10-2016 12:36:28 Scheduled Checkpoint
18-12-2016 22:11:52 Removed Skype™ 7.29
19-12-2016 20:55:29 Windows Modules Installer
31-12-2016 15:14:52 Removed FIFA 11

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2016 03:29:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Au_.exe version 5.0.0.1654 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8f4

Start Time: 01d26370b2c84e9a

Termination Time: 6

Application Path: C:\Users\Julie\AppData\Local\Temp\~nsu.tmp\Au_.exe

Report Id:

Error: (12/18/2016 10:10:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\totalcmd\TCUNIN64.EXE".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/18/2016 09:48:54 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.

Error: (10/23/2016 04:10:27 PM) (Source: Google Update) (EventID: 20) (User: Julie-PC)
Description: Event-ID 20

Error: (10/23/2016 12:45:26 AM) (Source: Google Update) (EventID: 20) (User: Julie-PC)
Description: Event-ID 20

Error: (10/22/2016 05:17:34 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.

Error: (10/19/2016 11:10:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Viber.exe, version: 6.3.0.1532, time stamp: 0x57d80da8
Faulting module name: Qt5Core.dll, version: 5.6.1.0, time stamp: 0x57d5b808
Exception code: 0xc0000005
Fault offset: 0x0002b271
Faulting process id: 0xda8
Faulting application start time: 0x01d227ba207f878a
Faulting application path: C:\Users\Julie\AppData\Local\Viber\Viber.exe
Faulting module path: C:\Users\Julie\AppData\Local\Viber\Qt5Core.dll
Report Id: 42296468-95e4-11e6-b6c4-001377f37a30

Error: (10/19/2016 10:36:56 AM) (Source: Google Update) (EventID: 20) (User: Julie-PC)
Description: Event-ID 20

Error: (10/17/2016 07:08:57 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.

Error: (10/17/2016 09:48:27 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.17929 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 4988. Message ID: [0x2509].


System errors:
=============
Error: (01/29/2017 09:21:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/29/2017 09:21:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/29/2017 09:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/31/2016 03:12:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.

Error: (12/31/2016 03:12:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/31/2016 03:12:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/31/2016 03:12:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/19/2016 09:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/19/2016 09:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Deal Keeper service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/19/2016 09:03:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===================================
Date: 2016-08-23 18:36:55.050
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 14:49:00.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-17 12:46:27.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-11 21:02:43.908
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-09 14:54:07.830
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-08 13:53:08.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-08 03:49:25.518
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-05 20:53:32.535
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 21:11:02.222
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-02 12:09:55.378
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 58%
Total physical RAM: 3066.61 MB
Available physical RAM: 1282.1 MB
Total Virtual: 6129.45 MB
Available Virtual: 4219.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200.43 GB) (Free:115.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4A460F95)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================




i ostatni
Users shortcut scan result (x86) Version: 29-01-2017
Ran by Julie (29-01-2017 21:43:57)
Running from C:\Users\Julie\Documents\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)





Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\Desktop\Total Commander.lnk -> C:\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk -> C:\Users\Julie\AppData\Local\Viber\Viber.exe (Viber Media S.à r.l.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Help.lnk -> C:\totalcmd\TOTALCMD.CHM ()
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander.lnk -> C:\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Uninstall or Repair Total Commander.lnk -> C:\totalcmd\TCUNINST.EXE ()
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer.lnk -> C:\Program Files\ALLPlayer\ALLPlayer.exe (ALLCinema Ltd.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Viber.lnk -> C:\Users\Julie\AppData\Local\Viber\Viber.exe (Viber Media S.à r.l.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5.lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Viber.lnk -> C:\Users\Julie\AppData\Local\Viber\Viber.exe (Viber Media S.à r.l.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Winamp.lnk -> C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)




ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) -> /recycle



==================== End of Shortcut.txt =============================

electrolux

Ekspert
Posty: 319
Rejestracja: 06 lut 2017, 00:26

Logi - prosze o sprawdzenie

Post06 lut 2017, 12:13

R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw.sys [52880 2014-08-06] (StdLib)
Jest szkodnik, ale od ... 2014 roku!

Nic nowszego nie ma.

Otwórz Notatnik i wklej w nim:
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Julie\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Julie\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-205321054-2532699342-3797739094-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe => No File
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw.sys [52880 2014-08-06] (StdLib)
S3 ALSysIO; \??\C:\Users\Julie\AppData\Local\Temp\ALSysIO.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe -service [X]
S2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [X]
S2 NAUpdate; "C:\Program Files\Nero\Update\NASvc.exe" [X]
S2 Update Deal Keeper; "C:\Program Files\Deal Keeper\updateDealKeeper.exe" [X]
S2 Util Deal Keeper; "C:\Program Files\Deal Keeper\bin\utilDealKeeper.exe" [X]
C:\Program Files\Deal Keeper
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-10-19]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-10-19]
CHR HomePage: Default -> hxxp://search.babylon.com/?affID=118716 ... 24d24108c6
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=118716&tt=0313_3&babsrc=HP_ss&mntrId=b07b71df0000000000000024d24108c6","hxxp://aboutblank/"
Toolbar: HKU\S-1-5-21-205321054-2532699342-3797739094-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKU\S-1-5-21-205321054-2532699342-3797739094-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=118716&tt=0313_3&babsrc=SP_ss&mntrId=b07b71df0000000000000024d24108c6
AppInit_DLLs: c:\progra~2\browse~1\261070~1.41\{c16c1~1\browse~1.dll => No File
HKU\S-1-5-21-205321054-2532699342-3797739094-1000\...\Run: [AdobeBridge] => [X]
c:\progra~2\browse~1
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
.



  • Reklama

Wróć do „Bezpieczeństwo”



Kto jest online

Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 11 gości