Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2015 02
Ran by ANATOLII at 2015-04-24 10:05:38
Running from C:\Users\ANATOLII\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4154192477-2723174026-2473658507-500 - Administrator - Disabled)
ANATOLII (S-1-5-21-4154192477-2723174026-2473658507-1000 - Administrator - Enabled) => C:\Users\ANATOLII
Guest (S-1-5-21-4154192477-2723174026-2473658507-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1310 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
1310_Help (Version: 82.0.58.000 - Hewlett-Packard) Hidden
1310Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 13.1.2 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.6 - ASUS)
ASUS Security Protect Manager (HKLM\...\{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}) (Version: 2.1.0.880.20 - ASUSTeK Computer Inc.)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0006 - ASUS)
ASUSDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - ASUSTek Corporation)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0014 - ATK)
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.8.1 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2215 - AVAST Software)
BabasChess (HKLM\...\{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312}) (Version: 3.9.12275 - RRaf)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Device Doctor Pro v2.2 (HKLM\...\Device Doctor Pro_is1) (Version: 2.2 - Device Doctor Software Inc.)
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DirectVobSub (remove only) (HKLM\...\DirectVobSub) (Version: - )
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4b - SEIKO EPSON CORPORATION)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
K-Lite Codec Pack 3.7.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 3.7.5 - )
LifeFrame2 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 2.0.20 - ASUS)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
MathType 6 (HKLM\...\DSMT6) (Version: 6.5 - Design Science, Inc.)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: - )
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0014 - ATK)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5494 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
SSH Secure Shell (HKLM\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
TeX Live 2012 (HKU\S-1-5-21-4154192477-2723174026-2473658507-1000\...\TeXLive2012) (Version: 2012 - )
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VistaFeaturePack (HKLM\...\InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}) (Version: 1.03.0000 - CSR)
VistaFeaturePack (Version: 1.03.0000 - CSR) Hidden
VobSub v2.23 (Remove Only) (HKLM\...\VobSub) (Version: - )
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - )
WinRAR ???? (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.8 - ATK)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4154192477-2723174026-2473658507-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ANATOLII\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 18:23 - 2015-04-20 14:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02E4DE3F-2DF4-4282-B651-CAA66407AD1B} - System32\Tasks\{0D04A992-30CA-4C1B-97F4-71319097B755} => Iexplore.exe
http://www.skype.com/go/downloading?source=lightinstaller&ver=6.3.0.107&LastError=404
Task: {095ADCEB-ED49-4FF3-BE90-B281F291F6CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0F99FB19-C285-4452-B88E-B8BA078FA759} - System32\Tasks\{C58C2D42-7677-466E-AB20-2C877F9CFF88} => Iexplore.exe
http://www.skype.com/go/downloading?source=lightinstaller&ver=6.16.0.105&LastError=12029
Task: {1038D9AD-F6AC-48F1-B67F-009A47104536} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {286F5505-92F7-47C9-B9F9-E1BD4B314648} - System32\Tasks\{146792C1-8D84-4D75-96DF-4DA43FE54695} => Iexplore.exe
http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120&LastError=404
Task: {2FDD58C8-0EF3-4849-A523-042070B9BF0F} - System32\Tasks\{628BFC40-98C0-4478-94EF-00E5B61C7F32} => Iexplore.exe
http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {32288CC7-AC65-47B3-A684-675A6DA720EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {3A9B3037-DFD5-4E81-B2C8-BE58C9727E80} - System32\Tasks\{84649C97-9B3D-48E2-A6D8-116C46D149E7} => Iexplore.exe
http://ui.skype.com/ui/0/6.14.59.104/en/abandoninstall?page=tsProgressBar
Task: {3BB28295-9A61-470A-AC55-54B4D5FFC571} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {451A3482-A8DC-43EA-A5FE-616384C6A427} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {4705B662-3AC3-482F-9519-94AB291466CC} - System32\Tasks\{6C4454BA-A22E-4974-BBEC-BB6D54780E0B} => Iexplore.exe
http://ui.skype.com/ui/0/6.14.60.104/en/abandoninstall?page=tsProgressBar
Task: {52363FF6-0295-4E1E-A97D-6C20FBD1EEBD} - System32\Tasks\rightbackup_162353 => C:\Program Files\Right Backup\RightBackup.exe
Task: {5B298DB8-C342-4DA4-B68B-6B498F2A44CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {5DAA1915-E91E-4E3A-A9C1-D6CA3C0C845C} - System32\Tasks\{35FEE5DD-738E-490C-A599-50437C02B747} => Iexplore.exe
http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120&LastError=404
Task: {5EF5B1FD-A3D7-4E85-A9D3-9A7BC2447874} - System32\Tasks\{46AF934A-CF9E-4639-BFF2-25B07A3BA544} => Iexplore.exe
http://ui.skype.com/ui/0/6.14.60.104/en/abandoninstall?page=tsProgressBar
Task: {5FF317B7-8D7B-45F6-83C8-E13B03E2074A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6382DDDD-8021-43B2-A417-1A66DD61E2AB} - System32\Tasks\{23F487CE-418E-4880-9A14-B49FBE0889CB} => Iexplore.exe
http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {6B3CA9EA-B794-40F2-9A23-60D66950124C} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-12-01] ()
Task: {7149A954-577F-437E-9101-17F95ED4474F} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {71A1FDA1-8661-4639-A5E2-68F8BF5C53EB} - System32\Tasks\{231BE699-CCCE-4EE9-9CFB-1F52F9D8AA3B} => Iexplore.exe
http://ui.skype.com/ui/0/5.3.0.120/...r,google-chrome:notoffered;systemlevelpresent
Task: {782013E1-A3C8-483F-9CBE-3F9CC0920D78} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {83E61D55-E5FD-4CA2-861E-08A0D26FCE06} - System32\Tasks\{D40FC945-960E-41DB-9214-9E1A92660F7B} => Iexplore.exe
http://ui.skype.com/ui/0/6.1.60.129/en/abandoninstall?page=tsProgressBar
Task: {8BD83A1E-AAC1-4000-B3DE-38B2DE871AF2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8D35CAFD-4332-4D04-BD12-AF51785E161B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4154192477-2723174026-2473658507-1000UA => C:\Users\ANATOLII\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {938CE8E4-FE6B-4717-B427-984DCDB71C3D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9EB34599-7E1A-46D9-A6F8-1E0EA35BDBB6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-21] (Avast Software s.r.o.)
Task: {9F1905B8-1399-4914-AFA3-4AD298014EA4} - System32\Tasks\{F57096D9-2F05-4DCF-A33B-BE161304C2F7} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {A4D4D8CA-4092-4C75-A15E-1A49AF6A5315} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C462CBBB-BAC9-4B90-98B1-3E88BCE7EAB9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4154192477-2723174026-2473658507-1000Core => C:\Users\ANATOLII\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {C951B1AA-67F7-423F-85D5-BBC07ABD2518} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {EDFA5443-184B-4B34-B4CA-C650724A113F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4154192477-2723174026-2473658507-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FDB5DD2F-4AFE-4063-893B-3F4997BA6A4B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154192477-2723174026-2473658507-1000Core.job => C:\Users\ANATOLII\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4154192477-2723174026-2473658507-1000UA.job => C:\Users\ANATOLII\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2008-07-05 04:59 - 2007-02-06 09:13 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2008-07-05 05:00 - 2007-08-08 15:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2015-04-21 17:17 - 2015-04-21 17:17 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-21 17:17 - 2015-04-21 17:17 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-24 08:33 - 2015-04-24 08:33 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042301\algo.dll
2013-06-07 15:18 - 2013-04-15 11:49 - 00176128 _____ () C:\Windows\System32\HP1006LM.DLL
2013-06-07 15:20 - 2013-04-15 11:49 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1006PP.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-07-05 04:27 - 2007-05-14 19:54 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-07-05 05:21 - 2007-08-04 03:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2008-07-05 05:21 - 2007-09-15 01:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2008-07-05 05:21 - 2003-11-28 17:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2008-07-05 05:21 - 2005-08-30 06:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2008-07-05 05:21 - 2003-09-10 07:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
2008-07-05 05:21 - 2006-04-05 01:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
2008-07-05 05:21 - 2005-04-08 10:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2008-07-05 04:59 - 2004-05-28 09:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2008-07-05 05:00 - 2007-01-18 10:26 - 07708672 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2008-07-05 05:18 - 2007-12-01 02:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2008-07-05 05:31 - 2006-12-21 14:03 - 01036288 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2008-07-05 04:59 - 2006-12-19 08:26 - 02420736 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2008-07-05 05:43 - 2008-07-05 05:43 - 00033136 _____ () C:\Windows\ASScrPro.exe
2015-03-14 10:26 - 2015-04-21 17:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4154192477-2723174026-2473658507-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ANATOLII\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/24/2015 10:02:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/24/2015 10:01:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/24/2015 09:36:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x17e8, application start time 0xiexplore.exe0.
Error: (04/24/2015 08:31:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2015 10:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x10f8, application start time 0xiexplore.exe0.
Error: (04/23/2015 10:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0xe34, application start time 0xiexplore.exe0.
Error: (04/23/2015 10:43:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x1b6c, application start time 0xiexplore.exe0.
Error: (04/23/2015 06:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x1888, application start time 0xiexplore.exe0.
Error: (04/23/2015 06:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x16cc, application start time 0xiexplore.exe0.
Error: (04/23/2015 04:22:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16636, time stamp 0x54fe250f, faulting module MSHTML.dll, version 9.0.8112.16636, time stamp 0x54fe2734, exception code 0xc0000005, fault offset 0x00139a8c,
process id 0x117c, application start time 0xiexplore.exe0.
System errors:
=============
Error: (04/24/2015 10:02:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Adobe Flash Player Update Service%%1053
Error: (04/24/2015 10:02:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Adobe Flash Player Update Service
Error: (04/24/2015 10:01:29 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (04/24/2015 10:01:29 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMService
Error: (04/24/2015 10:01:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (04/24/2015 09:59:52 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.1.106 for the Network Card with network address 001E8C24F077 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Error: (04/24/2015 08:43:55 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032
Error: (04/24/2015 08:32:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (04/23/2015 06:29:57 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
Error: (04/23/2015 04:04:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032
Microsoft Office Sessions:
=========================
Error: (04/24/2015 10:02:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/24/2015 10:01:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/24/2015 09:36:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c17e801d07e2f14c4b5ad
Error: (04/24/2015 08:31:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2015 10:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c10f801d07dd3f55ccfc9
Error: (04/23/2015 10:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8ce3401d07dd3a4796a09
Error: (04/23/2015 10:43:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c1b6c01d07dd3d069bc59
Error: (04/23/2015 06:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c188801d07db34f4184c9
Error: (04/23/2015 06:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c16cc01d07db3363180c9
Error: (04/23/2015 04:22:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1663654fe250fMSHTML.dll9.0.8112.1663654fe2734c000000500139a8c117c01d07d9e15a5f2b9
CodeIntegrity Errors:
===================================
Date: 2015-04-24 10:05:27.910
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 10:05:27.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 10:05:27.395
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 10:05:27.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 10:01:27.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 09:18:34.228
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 09:18:33.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 09:18:33.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 09:18:33.385
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-24 09:18:33.082
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
Percentage of memory in use: 50%
Total physical RAM: 2046.48 MB
Available physical RAM: 1005.73 MB
Total Pagefile: 4335.94 MB
Available Pagefile: 3114.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1888.2 MB
==================== Drives ================================
Drive c: (VistaOS) (Fixed) (Total:74.52 GB) (Free:7.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:64.76 GB) (Free:10.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 169BC991)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=64.8 GB) - (Type=OF Extended)
==================== End Of Log ============================