Jump to content

Sangrail

Honorary Members
 View Profile  See their activity

  • Posts

    26

  • Joined

  • Last visited

 Content Type 

Everything posted by Sangrail

  1. Sangrail
    Good morning! I have both Malware and AVG giving 'blocked by system administrator' warnings when I try to open them. I hope you'll be able to help, as I am not good at technical computer things. I have made my hidden files visible and run the Fabar scan as follows: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02 Ran by Kristof (administrator) on KRISTOF-TOSH on 14-06-2014 08:18:14 Running from C:\Users\Kristof\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (ParetoLogic) C:\Program Files (x86)\ParetoLogic\FileCure\FileCure.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (Dropbox, Inc.) C:\Users\Kristof\AppData\Roaming\Dropbox\bin\Dropbox.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Garmin) C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-06] (Toshiba Europe GmbH) HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation) HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-05] (TOSHIBA Corporation) HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation) HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1481568 2009-08-26] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-07-30] (Toshiba Europe GmbH) HKLM-x32\...\Run: [sVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.) HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask) HKLM-x32\...\Run: [Garmin Lifetime Updater] => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [1446248 2011-12-15] (Garmin) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-03-30] (RealNetworks, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2012-12-05] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM Group Policy restriction on software: C:\Program Files\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,,C:\Users\Kristof\AppData\Local\hyolcgok\pcgxmjxb.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA) HKU\S-1-5-21-1479523844-115908511-3653597545-1001\...\Run: [pthti] => rundll32.exe "C:\Users\Kristof\AppData\Roaming\pthti.dll",SelectImageCatalogFolder <===== ATTENTION HKU\S-1-5-21-1479523844-115908511-3653597545-1001\...\Run: [dnryc] => "C:\Windows\System32\rundll32.exe" "C:\Users\Kristof\AppData\Roaming\dnryc.dll",SetClosure <===== ATTENTION HKU\S-1-5-21-1479523844-115908511-3653597545-1001\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\Kristof\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=48591036437447d3b569a113f09f20ef-aaa8842c62d8757010e2ca1c1aa8ddc4ca837d4b /CMPID=1113a HKU\S-1-5-21-1479523844-115908511-3653597545-1001\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\Kristof\AppData\Local\{4017b06d-d5e9-f7d0-29b9-4cc9a224258b}\n. ATTENTION! ====> ZeroAccess/Alureon? Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Download Centre.lnk ShortcutTarget: Download Centre.lnk -> C:\Program Files (x86)\Yamaha Corporation\Digital Music Notebook\Common\Download Centre\Download Centre.exe (YAMAHA CORPORATION) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Kristof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Kristof\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Kristof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk ShortcutTarget: explorer.lnk -> C:\PROGRA~3\54B3A3~1\732qml0.cpp (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH URLSearchHook: HKLM-x32 - FLV Runner Toolbar - {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV0.dll (Conduit Ltd.) URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {D565CDC1-3E7C-4FBC-BB9E-7734DD7517A9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 SearchScopes: HKCU - {21CD5B7D-DB14-4BB6-96B3-C8EAC7E02D89} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_UK&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=3F89DC4B-5123-4D0B-84C2-9C3D68079D36&apn_sauid=1783B3C4-8676-4EF1-B977-C03C7A653988& SearchScopes: HKCU - {417A005D-54FF-41C4-A865-B3C205ED4E54} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 SearchScopes: HKCU - {9AD3170F-725A-41EA-91AD-E237EAA134E9} URL = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = http://eu.ask.com/web?l=dis&o=APN10019&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^GB&apn_ptnrs=^A4L&apn_uid=4495992994064201&p2=^A4L^YYYYYY^YY^GB&q={searchTerms} SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80137&iwk=281&lng=en SearchScopes: HKCU - {D565CDC1-3E7C-4FBC-BB9E-7734DD7517A9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 SearchScopes: HKCU - {F086E8F8-34EF-4E37-B275-E21DB5AF156E} URL = http://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms} BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll No File BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: FLV Runner Toolbar - {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV0.dll (Conduit Ltd.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Search Results Toolbar - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com) Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll No File Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - FLV Runner Toolbar - {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV0.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Search Results Toolbar - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} - No File DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox64.dll No File Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.1.18 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.1.18 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{0493D792-5C92-440b-81A8-AD6CDFC75212}] - C:\Program Files (x86)\Yamaha Corporation\Digital Music Notebook\Common\Bootstrapper\XpCom\ FF Extension: Digital Music Notebook - C:\Program Files (x86)\Yamaha Corporation\Digital Music Notebook\Common\Bootstrapper\XpCom\ [] FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-30] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR Extension: (SiteAdvisor) - C:\Users\Kristof\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-11-18] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kristof\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-11-18] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06] ==================== Services (Whitelisted) ================= R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] () R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-08-06] (Toshiba Europe GmbH) S2 Winmgmt; C:\PROGRA~3\54B3A3B70419D8318008E045557603FC\0lmq237.dot [X] ==================== Drivers (Whitelisted) ==================== R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-14 08:18 - 2014-06-14 08:19 - 00024021 _____ () C:\Users\Kristof\Downloads\FRST.txt 2014-06-14 08:16 - 2014-06-14 08:18 - 00000000 ____D () C:\FRST 2014-06-14 08:16 - 2014-06-14 08:16 - 02081792 _____ (Farbar) C:\Users\Kristof\Downloads\FRST64.exe 2014-06-14 08:14 - 2014-06-14 08:14 - 00000064 _____ () C:\Users\Kristof\AppData\Roaming\mbam.context.scan 2014-06-14 07:52 - 2014-06-14 07:53 - 00000563 _____ () C:\Users\Kristof\Desktop\avgrep.txt 2014-06-14 07:39 - 2014-06-14 07:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kristof\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-13 17:55 - 2014-06-14 07:56 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479523844-115908511-3653597545-1001 2014-06-13 17:55 - 2014-06-14 07:56 - 00003222 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479523844-115908511-3653597545-1001 2014-06-07 08:29 - 2014-06-07 08:29 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-07 08:29 - 2014-06-07 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-07 08:29 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-07 08:29 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-07 08:29 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-07 08:29 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-01 22:25 - 2014-06-01 22:26 - 00000511 _____ () C:\ProgramData\RUNDLL32.EXE-3164-F.txt 2014-06-01 22:21 - 2014-06-01 22:21 - 00000512 _____ () C:\ProgramData\RUNDLL32.EXE-2528-F.txt 2014-06-01 22:17 - 2014-06-01 22:18 - 00000614 _____ () C:\ProgramData\RUNDLL32.EXE-3556-F.txt 2014-06-01 21:54 - 2014-06-01 21:56 - 00001555 _____ () C:\ProgramData\RUNDLL32.EXE-3404-F.txt 2014-06-01 21:42 - 2014-06-01 21:46 - 00003232 _____ () C:\ProgramData\RUNDLL32.EXE-3808-F.txt 2014-06-01 16:43 - 2014-06-01 22:51 - 00000000 ____D () C:\ProgramData\54B3A3B70419D8318008E045557603FC ==================== One Month Modified Files and Folders ======= 2014-06-14 08:19 - 2014-06-14 08:18 - 00024021 _____ () C:\Users\Kristof\Downloads\FRST.txt 2014-06-14 08:19 - 2012-04-11 20:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-14 08:19 - 2010-04-05 18:47 - 00000000 ____D () C:\Users\Kristof\AppData\Local\Temp 2014-06-14 08:18 - 2014-06-14 08:16 - 00000000 ____D () C:\FRST 2014-06-14 08:16 - 2014-06-14 08:16 - 02081792 _____ (Farbar) C:\Users\Kristof\Downloads\FRST64.exe 2014-06-14 08:14 - 2014-06-14 08:14 - 00000064 _____ () C:\Users\Kristof\AppData\Roaming\mbam.context.scan 2014-06-14 08:04 - 2009-07-14 05:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-14 08:04 - 2009-07-14 05:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-14 08:01 - 2013-11-20 20:34 - 00000000 ____D () C:\Users\Kristof\AppData\Roaming\Dropbox 2014-06-14 07:58 - 2014-05-02 22:12 - 00000000 ____D () C:\Users\Kristof\AppData\Roaming\DropboxMaster 2014-06-14 07:58 - 2013-11-20 20:37 - 00000000 ___RD () C:\Users\Kristof\Dropbox 2014-06-14 07:56 - 2014-06-13 17:55 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479523844-115908511-3653597545-1001 2014-06-14 07:56 - 2014-06-13 17:55 - 00003222 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479523844-115908511-3653597545-1001 2014-06-14 07:56 - 2011-05-07 19:35 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-14 07:56 - 2010-12-06 00:39 - 00000408 _____ () C:\Windows\Tasks\FileCure Startup.job 2014-06-14 07:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-14 07:56 - 2009-07-14 05:51 - 00231462 _____ () C:\Windows\setupact.log 2014-06-14 07:53 - 2014-06-14 07:52 - 00000563 _____ () C:\Users\Kristof\Desktop\avgrep.txt 2014-06-14 07:41 - 2014-06-14 07:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kristof\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-14 07:39 - 2011-11-18 23:03 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-14 07:39 - 2011-05-07 19:35 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-13 18:55 - 2013-11-14 21:48 - 00000000 ____D () C:\ProgramData\MFAData 2014-06-11 22:26 - 2010-02-27 00:11 - 01811653 _____ () C:\Windows\WindowsUpdate.log 2014-06-07 08:31 - 2013-10-29 23:26 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-07 08:29 - 2014-06-07 08:29 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-07 08:29 - 2014-06-07 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-07 08:29 - 2010-04-09 20:53 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-02 07:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-06-02 07:01 - 2011-05-07 19:34 - 00000000 ____D () C:\ProgramData\Real 2014-06-01 22:51 - 2014-06-01 16:43 - 00000000 ____D () C:\ProgramData\54B3A3B70419D8318008E045557603FC 2014-06-01 22:51 - 2009-09-04 15:38 - 00668924 _____ () C:\Windows\PFRO.log 2014-06-01 22:26 - 2014-06-01 22:25 - 00000511 _____ () C:\ProgramData\RUNDLL32.EXE-3164-F.txt 2014-06-01 22:21 - 2014-06-01 22:21 - 00000512 _____ () C:\ProgramData\RUNDLL32.EXE-2528-F.txt 2014-06-01 22:18 - 2014-06-01 22:17 - 00000614 _____ () C:\ProgramData\RUNDLL32.EXE-3556-F.txt 2014-06-01 22:10 - 2010-04-05 18:47 - 00000000 ____D () C:\Users\Kristof 2014-06-01 21:56 - 2014-06-01 21:54 - 00001555 _____ () C:\ProgramData\RUNDLL32.EXE-3404-F.txt 2014-06-01 21:46 - 2014-06-01 21:42 - 00003232 _____ () C:\ProgramData\RUNDLL32.EXE-3808-F.txt 2014-06-01 16:56 - 2013-08-15 21:03 - 00000000 ____D () C:\Users\Kristof\Documents\DSR 2014-06-01 16:56 - 2010-04-05 20:55 - 00000000 ____D () C:\Users\Kristof\Documents\Church 2014-05-24 16:26 - 2013-11-20 20:37 - 00001035 _____ () C:\Users\Kristof\Desktop\Dropbox.lnk 2014-05-24 16:26 - 2013-11-20 20:34 - 00000000 ____D () C:\Users\Kristof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-24 16:26 - 2010-04-05 18:47 - 00000000 ___RD () C:\Users\Kristof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-23 07:52 - 2013-03-12 19:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-22 20:03 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-19 21:27 - 2014-03-31 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-19 21:27 - 2013-11-14 22:10 - 00000972 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-05-17 08:39 - 2010-12-06 00:02 - 00000386 _____ () C:\Windows\Tasks\PC Health Advisor.job ZeroAccess: C:\Windows\Installer\{4017b06d-d5e9-f7d0-29b9-4cc9a224258b} ZeroAccess: C:\Users\Kristof\AppData\Local\{4017b06d-d5e9-f7d0-29b9-4cc9a224258b} Files to move or delete: ==================== C:\ProgramData\nud0repor.pad Some content of TEMP: ==================== C:\Users\Kristof\AppData\Local\Temp\2jfuweif.exe C:\Users\Kristof\AppData\Local\Temp\6odkabws.dll C:\Users\Kristof\AppData\Local\Temp\ApnStub.exe C:\Users\Kristof\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz4btnn.dll C:\Users\Kristof\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Kristof\AppData\Local\Temp\i4jdel0.exe C:\Users\Kristof\AppData\Local\Temp\InstallFlashPlayer.exe C:\Users\Kristof\AppData\Local\Temp\jhuvgzvq.dll C:\Users\Kristof\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Kristof\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Kristof\AppData\Local\Temp\lowproc.exe C:\Users\Kristof\AppData\Local\Temp\nsmF4FC.tmp.tbFLV_.dll C:\Users\Kristof\AppData\Local\Temp\rnsetup0.exe C:\Users\Kristof\AppData\Local\Temp\Setup.exe C:\Users\Kristof\AppData\Local\Temp\stubhelper.dll C:\Users\Kristof\AppData\Local\Temp\tbedrs.dll C:\Users\Kristof\AppData\Local\Temp\TB_A2E3.exe C:\Users\Kristof\AppData\Local\Temp\tmp2857.exe C:\Users\Kristof\AppData\Local\Temp\tmp3101.exe C:\Users\Kristof\AppData\Local\Temp\tmp3265.exe C:\Users\Kristof\AppData\Local\Temp\tmp361C.exe C:\Users\Kristof\AppData\Local\Temp\tmp36B8.exe C:\Users\Kristof\AppData\Local\Temp\tmp42DE.exe C:\Users\Kristof\AppData\Local\Temp\tmp57A4.exe C:\Users\Kristof\AppData\Local\Temp\tmp5BB6.exe C:\Users\Kristof\AppData\Local\Temp\tmp5D6B.exe C:\Users\Kristof\AppData\Local\Temp\tmp63A2.exe C:\Users\Kristof\AppData\Local\Temp\tmp6622.exe C:\Users\Kristof\AppData\Local\Temp\tmp709D.exe C:\Users\Kristof\AppData\Local\Temp\tmp7DC6.exe C:\Users\Kristof\AppData\Local\Temp\tmp86BC.exe C:\Users\Kristof\AppData\Local\Temp\tmp88C.exe C:\Users\Kristof\AppData\Local\Temp\tmp8B31.exe C:\Users\Kristof\AppData\Local\Temp\tmp8E59.exe C:\Users\Kristof\AppData\Local\Temp\tmp8F55.exe C:\Users\Kristof\AppData\Local\Temp\tmp90D9.exe C:\Users\Kristof\AppData\Local\Temp\tmp9117.exe C:\Users\Kristof\AppData\Local\Temp\tmp9619.exe C:\Users\Kristof\AppData\Local\Temp\tmp981.exe C:\Users\Kristof\AppData\Local\Temp\tmpA0B1.exe C:\Users\Kristof\AppData\Local\Temp\tmpAEE6.exe C:\Users\Kristof\AppData\Local\Temp\tmpB1A6.exe C:\Users\Kristof\AppData\Local\Temp\tmpC38C.exe C:\Users\Kristof\AppData\Local\Temp\tmpC87D.exe C:\Users\Kristof\AppData\Local\Temp\tmpCC82.exe C:\Users\Kristof\AppData\Local\Temp\tmpCE29.exe C:\Users\Kristof\AppData\Local\Temp\tmpD383.exe C:\Users\Kristof\AppData\Local\Temp\z4-dbty0.dll C:\Users\Kristof\AppData\Local\Temp\_is91C3.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-07 18:55 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02 Ran by Kristof at 2014-06-14 08:19:38 Running from C:\Users\Kristof\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Amazon.co.uk (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version: - Amazon EU S.a.r.L.) Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.13.1.0 - Ask.com) <==== ATTENTION AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies) AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.) Chinese Traditional Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) eBay (HKLM-x32\...\{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}) (Version: 1.0.4 - eBay Inc.) Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - ) Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) FLV Runner Toolbar (HKLM-x32\...\FLV_Runner Toolbar) (Version: 6.9.0.16 - FLV Runner) Garmin Communicator Plugin (HKLM-x32\...\{8ED02445-D491-414C-A56D-2ED6BBB7239A}) (Version: 3.0.1 - Garmin Ltd or its subsidiaries) Garmin Lifetime Updater (HKLM-x32\...\{028BB5A9-6385-4CF6-A6FF-D512D5015DBA}) (Version: 2.1.6 - Garmin) Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Halls Of The Things 2008 (HKLM-x32\...\{CF562358-1D1D-4CD3-89DB-D410EFD5E675}) (Version: 1.0.0 - ASD) Hawke ChairGun Pro 1.0.4f (HKLM-x32\...\{3F7D6F1F-AE40-46E7-95E4-9B2242A6EC6D}_is1) (Version: - Hawke Sport Optics) HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}) (Version: 20.0.771.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Help (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.55.55 - Hewlett Packard) HP Deskjet 2050 J510 series Product Improvement Study (HKLM\...\{88FD4472-F950-4083-A6FA-A829AC785B04}) (Version: 20.0.771.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1883 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.) ParetoLogic FileCure (HKLM-x32\...\{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}) (Version: 1.1.2.0 - ParetoLogic, Inc.) ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.0.0.0 - ParetoLogic, Inc.) Perfection V600 Photo Manual (HKLM-x32\...\Perfection V600 Photo User’s Guide) (Version: - ) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks) RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Search Results Toolbar (HKLM-x32\...\searchresults) (Version: 1.0.0.12 - ) <==== ATTENTION Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Sibelius Scorch (ActiveX Only) (HKLM-x32\...\{868291A4-229E-4795-B0B0-E60E87AF53CD}) (Version: 6.2.0 - Sibelius Software) Skype Launcher (HKLM-x32\...\{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}) (Version: - Skype Technologies S.A.) Skype™ 4.2 (HKLM-x32\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.155 - Skype Technologies S.A.) Swarovski Optik Ballistic Program (HKLM-x32\...\SwarovskiOptikBallisticProgram) (Version: 1.141 - UNKNOWN) Swarovski Optik Ballistic Program (x32 Version: 1.141 - UNKNOWN) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated) Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.09 - TOSHIBA) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}) (Version: 1.0.04.64 - TOSHIBA Corporation) TOSHIBA Bulletin Board (Version: 1.0.04.64 - Your Company Name) Hidden TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.10.64 - TOSHIBA Corporation) TOSHIBA eco Utility (Version: 1.1.10.64 - TOSHIBA Corporation) Hidden TOSHIBA eco Utility (x32 Version: 1.1.10.64 - TOSHIBA Corporation) Hidden TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: - ) TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - TOSHIBA Corporation) Hidden TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.1.64 - TOSHIBA Corporation) TOSHIBA Face Recognition (Version: 3.1.1.64 - TOSHIBA Corporation) Hidden TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION) TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.4C - TOSHIBA CORPORATION) Hidden TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.11C - TOSHIBA CORPORATION) TOSHIBA Hardware Setup (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.0 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (Version: 3.1.64.0 - TOSHIBA Corporation) Hidden TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.0 - TOSHIBA Corporation) Hidden Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA) Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.64 - TOSHIBA Corporation) Toshiba Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.0-663 - myphotobook GmbH) Toshiba Photo Service - powered by myphotobook (x32 Version: 1.0.0 - myphotobook GmbH) Hidden TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA) TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}) (Version: 1.0.04.64 - TOSHIBA Corporation) TOSHIBA ReelTime (Version: 1.0.04.64 - TOSHIBA Corporation) Hidden TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.9.1.12 - TOSHIBA) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA) TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION) TOSHIBA Supervisor Password (x32 Version: 1.63.0.7C - TOSHIBA CORPORATION) Hidden Toshiba TEMPRO (HKLM-x32\...\{42CB94C5-66F6-4F63-8D31-7FA3A86490A8}) (Version: 2.20 - Toshiba Europe GmbH) Toshiba TEMPRO (HKLM-x32\...\{9E4FF410-471F-49E3-9358-74FF0D5E9901}) (Version: 3.05 - Toshiba Europe GmbH) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.25.64 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.2.25.64 - TOSHIBA Corporation) Hidden TOSHIBA Value Added Package (x32 Version: 1.2.25.64 - TOSHIBA Corporation) Hidden TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation) TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - ) TRORMCLauncher (Version: 1.0.0.7 - TOSHIBA) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B5B7C5DB-74C3-43E0-8413-0C6C1CA4DED0}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Utility Common Driver (x32 Version: 1.0.50.27C - TOSHIBA) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.8.1.2 - Azureus Software, Inc.) WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - ) Yamaha's Digital Music Notebook (HKLM-x32\...\{B40902A8-9A11-4FB5-8445-68075A504943}) (Version: 3.0.71.2 - YAMAHA) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {089038D4-49AB-4A66-AE4F-75FE764C4E39} - System32\Tasks\{F86E1CA2-8766-46D3-93C4-387F8BE56FC4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-03-09] (Skype Technologies S.A.) Task: {099AD429-C619-4A1F-9877-0955F5953B05} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION) Task: {0ACC7EEC-D357-48E7-9633-2171B8854F4B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1479523844-115908511-3653597545-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {1280100F-1CC8-4275-A570-F1F958504651} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {233C73D5-BB9E-4923-AD75-31D602D5EF08} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-08-23] () <==== ATTENTION Task: {2FC1424D-DF7D-4F20-9AA4-3E11AF9FC2B9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479523844-115908511-3653597545-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {37331147-881F-4F5C-AFE7-FE84300F0691} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated) Task: {47692B03-664C-4746-9CCE-66E276194796} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-02-02] (Hewlett-Packard Co.) Task: {4FC443E6-8DFC-4FF9-A951-13D5F295A216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-07] (Google Inc.) Task: {553462A8-2464-4A12-A96E-B9BDAA574BF9} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: {AD479A89-676C-48EA-B282-836EC44F62E8} - System32\Tasks\FileCure Startup => C:\Program Files (x86)\ParetoLogic\FileCure\FileCure.exe [2010-10-12] (ParetoLogic) Task: {BD33039A-E727-4443-B1A2-5DDAEEE5939C} - System32\Tasks\RealCreateProcessScheduledTask710506S-1-5-21-1479523844-115908511-3653597545-1001 => c:\program files (x86)\real\realplayer\realplay.exe [2013-03-30] (RealNetworks, Inc.) Task: {BE95BBF2-8E01-4C9B-8D58-54923D56CFA9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479523844-115908511-3653597545-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {E553C49B-0221-41F2-B80D-39FA46D568FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-07] (Google Inc.) Task: {ED105BC6-6006-46FD-92A5-AF3513FD1B0E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1479523844-115908511-3653597545-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {F086DB87-B077-4C2D-837E-5D5A58997C4C} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FileCure Startup.job => C:\Program Files (x86)\ParetoLogic\FileCure\FileCure.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe ==================== Loaded Modules (whitelisted) ============= 2013-03-06 03:21 - 2013-03-06 03:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2009-07-16 16:27 - 2009-07-16 16:27 - 07244600 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-07-16 16:27 - 2009-07-16 16:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2009-09-04 15:30 - 2009-06-22 15:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll 2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-25 17:38 - 2009-07-25 17:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2014-06-14 07:58 - 2014-06-14 07:58 - 00043008 _____ () c:\users\kristof\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz4btnn.dll 2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Kristof\AppData\Roaming\Dropbox\bin\libcef.dll 2010-04-12 20:57 - 2009-03-12 15:45 - 00135168 _____ () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll 2010-04-12 20:57 - 2008-11-21 13:58 - 00057344 _____ () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Kristof\Documents\orgpics:Roxio EMC Stream AlternateDataStreams: C:\Users\Kristof\Documents\POI 1206:Roxio EMC Stream ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (06/14/2014 07:59:10 AM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service Error: (06/14/2014 07:56:42 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/14/2014 07:55:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object. Details: Could not query the status of the EventSystem service. System Error: A system shutdown is in progress. . Error: (06/14/2014 07:20:32 AM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service Error: (06/14/2014 06:54:55 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/13/2014 05:57:02 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service Error: (06/13/2014 05:54:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/12/2014 06:02:48 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service Error: (06/12/2014 05:56:43 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/11/2014 09:22:27 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service System errors: ============= Error: (06/14/2014 08:23:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:22:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:22:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:21:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:21:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:20:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:20:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:19:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:19:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (06/14/2014 08:18:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-08-16 17:55:26.393 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-16 17:55:26.378 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-16 17:55:26.378 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-05-11 07:26:46.923 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-05-11 07:26:46.923 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-05-11 07:26:46.923 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 21:22:10.239 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 21:22:10.239 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 21:22:10.239 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-03-31 09:03:48.481 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 47% Total physical RAM: 3932.88 MB Available physical RAM: 2067.56 MB Total Pagefile: 7863.94 MB Available Pagefile: 5794.41 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (WINDOWS) (Fixed) (Total:149.04 GB) (Free:92.34 GB) NTFS Drive d: (Data) (Fixed) (Total:148.65 GB) (Free:141.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F90D3CF3) Partition 1: (Active) - (Size=400 MB) - (Type=27) Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.