so this are my Twilight Zone reports I don't seem to find the add file button and I don't know how to open the rogue killer report, but I did export it in txt format, so here they are Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 21-Aug-15Scan Time: 11:30 PMLogfile: malware bytes scan.txtAdministrator: Yes Version: 2.1.8.1057Malware Database: v2015.08.21.09Rootkit Database: v2015.08.16.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: sebseb Scan Type: Threat ScanResult: CompletedObjects Scanned: 408557Time Elapsed: 17 min, 49 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledDeep Rootkit Scan: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 02Ran by sebseb (administrator) on SAMOYED (22-08-2015 00:20:45)Running from C:\Users\sebseb\DesktopLoaded Profiles: sebseb (Available Profiles: sebseb)Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-20] (TOSHIBA Corporation)HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-20] ()HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-11] (Synaptics Incorporated)HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-12] (TOSHIBA Corporation)HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-10] (TOSHIBA Corporation)HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchHKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-27] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780520 2015-07-31] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [smartBillSys] => "C:\Smart Bill Standard 2014\Smart Bill Standard.exe" /sHKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)HKLM-x32\...\Run: [ACPW05EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe [822384 2011-11-17] (ACD Systems)HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [328568 2015-03-04] (BitTorrent, Inc.)HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-145485975-1998042031-899343709-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehpSearchScopes: HKU\S-1-5-21-145485975-1998042031-899343709-1000 -> DefaultScope {02CA8B96-86C9-4DA4-ADDE-5406533F7520} URL = hxxps://www.google.com/search?q={searchTerms}SearchScopes: HKU\S-1-5-21-145485975-1998042031-899343709-1000 -> {02CA8B96-86C9-4DA4-ADDE-5406533F7520} URL = hxxps://www.google.com/search?q={searchTerms}BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cabHandler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 93.170.123.36 8.8.8.8Tcpip\..\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8}: [DhcpNameServer] 93.170.123.36 8.8.8.8Tcpip\..\Interfaces\{68B43A52-0EC0-4FDD-8619-D1E4090964DD}: [DhcpNameServer] 192.168.0.1 FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) Chrome: =======CHR Profile: C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]CHR Extension: (Google Docs) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]CHR Extension: (Google Drive) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]CHR Extension: (YouTube) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]CHR Extension: (Google Search) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]CHR Extension: (Canadian Wood Theme) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgkdanlgpiliplalikekhmhfgmmbhbg [2015-03-03]CHR Extension: (Google Sheets) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]CHR Extension: (AdBlock) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-03]CHR Extension: (Chrome Web Store Payments) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]CHR Extension: (Bitdefender QuickScan) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-03-04]CHR Extension: (Gmail) - C:\Users\sebseb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3633576 2015-07-31] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-07-31] (AVG Technologies CZ, s.r.o.)S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2014-08-16] (Advanced Micro Devices)R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)R5 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)R5 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)R5 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)R5 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)R5 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)R5 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2014-08-16] (Microsoft Corporation)R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)R5 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2014-08-16] (Microsoft Corporation)R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2014-08-16] (Microsoft Corporation)R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [538136 2010-01-15] (Intel Corporation)R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-08-16] (Microsoft Corporation)R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-08-16] (Microsoft Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-21] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2014-08-16] (Microsoft Corporation)R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2014-08-16] (Microsoft Corporation)R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)R5 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-14] (Microsoft Corporation)R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)R5 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2015-03-04] (Duplex Secure Ltd.)R5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation)R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-08-16] (Microsoft Corporation)R5 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [26840 2009-07-15] (TOSHIBA Corporation)R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)R5 Wd; C:\Windows\System32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2014-08-16] (Microsoft Corporation)U3 ac5s1ojp; C:\Windows\System32\Drivers\ac5s1ojp.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-22 00:20 - 2015-08-22 00:21 - 00020555 _____ C:\Users\sebseb\Desktop\FRST.txt2015-08-22 00:19 - 2015-08-22 00:19 - 02173952 _____ (Farbar) C:\Users\sebseb\Desktop\FRST64.exe2015-08-22 00:19 - 2015-08-22 00:19 - 00001097 _____ C:\Users\sebseb\Desktop\malware bytes scan.txt2015-08-21 22:18 - 2015-08-21 22:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-08-21 22:17 - 2015-08-21 22:17 - 00000000 ____D C:\program files new2015-08-21 22:15 - 2015-08-21 22:16 - 16563304 _____ (Malwarebytes Corp.) C:\Users\sebseb\Downloads\mbar-1.09.2.1008.exe2015-08-21 22:13 - 2015-08-21 22:14 - 00026357 _____ C:\Users\sebseb\Downloads\Addition.txt2015-08-21 22:11 - 2015-08-22 00:20 - 00000000 ____D C:\FRST2015-08-21 22:11 - 2015-08-21 22:14 - 00027574 _____ C:\Users\sebseb\Downloads\FRST.txt2015-08-21 20:36 - 2015-08-21 20:36 - 00001055 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\ProgramData\Kaspersky Lab2015-08-21 20:36 - 2015-08-21 20:36 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab2015-08-21 19:20 - 2015-08-21 19:20 - 00891741 _____ C:\Users\sebseb\Downloads\a1Y1Gwb_460sv.mp42015-08-20 02:01 - 2015-08-20 02:01 - 00000000 ____D C:\Users\sebseb\Downloads\Darling Violetta2015-08-20 01:05 - 2015-08-20 18:16 - 00000000 ____D C:\Users\sebseb\Desktop\9202015-08-18 23:34 - 2015-08-18 23:34 - 00000000 ____D C:\Users\sebseb\Desktop\hachiman2015-08-10 18:40 - 2015-08-10 18:41 - 00000000 ____D C:\Users\sebseb\Desktop\derp2015-08-09 23:35 - 2015-08-09 23:35 - 00945342 _____ C:\Users\sebseb\Downloads\anB4wYB_460sv.mp42015-08-07 21:59 - 2015-08-07 21:59 - 00771481 _____ C:\Users\sebseb\Downloads\230163902015-08-06 22:27 - 2015-08-06 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone2015-08-06 22:27 - 2015-08-06 22:27 - 00000000 ____D C:\Program Files (x86)\Windows Phone2015-08-06 22:23 - 2015-08-06 22:23 - 06745792 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\WindowsPhone (1).exe2015-08-06 22:16 - 2015-08-06 22:16 - 00772430 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2015-08-06 22:07 - 2015-08-06 22:07 - 06745792 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\WindowsPhone.exe2015-08-06 22:07 - 2015-08-06 22:07 - 00889416 _____ (Microsoft Corporation) C:\Users\sebseb\Downloads\dotNetFx40_Full_setup.exe2015-08-06 22:07 - 2015-08-06 22:07 - 00000000 ____D C:\ProgramData\Applications2015-08-06 19:11 - 2015-08-21 22:16 - 00000000 ____D C:\Users\sebseb\Desktop\New folder2015-08-04 16:13 - 2015-08-04 16:13 - 00721613 _____ C:\Users\sebseb\Downloads\aXXjVPP_460sv.mp42015-08-02 15:17 - 2015-08-04 15:57 - 00000965 _____ C:\Users\Public\Desktop\AVG 2015.lnk2015-07-31 16:11 - 2015-07-31 16:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7AE925BA.sys2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys2015-07-27 18:05 - 2015-07-27 18:05 - 00395784 _____ C:\Users\sebseb\Downloads\aOmrgnv_460sv.mp42015-07-26 00:44 - 2015-07-26 00:44 - 00345880 _____ C:\Users\sebseb\Downloads\a4LGOB1_460sv.mp42015-07-25 17:47 - 2015-08-18 15:43 - 00000000 ____D C:\Users\sebseb\Desktop\proiect oliver ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-21 23:48 - 2015-03-03 12:30 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-08-21 23:30 - 2015-03-03 12:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-08-21 23:26 - 2015-03-04 11:58 - 00000000 ____D C:\Users\sebseb\AppData\Roaming\uTorrent2015-08-21 23:20 - 2015-03-03 10:15 - 01819381 _____ C:\Windows\WindowsUpdate.log2015-08-21 22:17 - 2015-03-03 12:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys2015-08-21 22:00 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-08-21 22:00 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-08-21 21:54 - 2015-03-20 21:00 - 00000000 ____D C:\Program Files (x86)\Steam2015-08-21 21:53 - 2015-03-03 12:30 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-08-21 21:52 - 2015-03-05 21:36 - 00030924 _____ C:\Windows\setupact.log2015-08-21 21:52 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-08-21 20:44 - 2015-03-04 02:30 - 00000000 ____D C:\Users\sebseb\AppData\Roaming\QuickScan2015-08-21 15:51 - 2015-03-03 12:03 - 00000000 ____D C:\ProgramData\MFAData2015-08-21 15:46 - 2009-07-14 07:45 - 05037928 _____ C:\Windows\system32\FNTCACHE.DAT2015-08-13 14:59 - 2015-03-12 03:25 - 00000000 ____D C:\Windows\system32\MRT2015-08-13 14:52 - 2015-03-03 10:20 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-08-10 19:34 - 2015-05-09 14:52 - 00000000 ___HD C:\Users\sebseb\Desktop\[Originals]2015-08-06 22:16 - 2009-07-14 08:13 - 00772430 _____ C:\Windows\system32\PerfStringBackup.INI2015-08-04 15:57 - 2015-03-03 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2015-08-02 15:20 - 2015-04-26 01:14 - 00002370 _____ C:\Windows\PFRO.log2015-07-31 17:43 - 2015-03-16 18:37 - 00000000 ____D C:\Users\sebseb\Downloads\Outlook.com Some files in TEMP:====================C:\Users\sebseb\AppData\Local\Temp\Actualizare Smart Bill Standard 2539794953251104561.exeC:\Users\sebseb\AppData\Local\Temp\AVG.exeC:\Users\sebseb\AppData\Local\Temp\ose00000.exeC:\Users\sebseb\AppData\Local\Temp\swt-win32-3349.dllC:\Users\sebseb\AppData\Local\Temp\uttCCB1.tmp.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION LastRegBack: 2015-08-13 21:15 ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 02Ran by sebseb (2015-08-22 00:21:30)Running from C:\Users\sebseb\DesktopBoot Mode: Normal========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-145485975-1998042031-899343709-500 - Administrator - Disabled)Guest (S-1-5-21-145485975-1998042031-899343709-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-145485975-1998042031-899343709-1002 - Limited - Enabled)sebseb (S-1-5-21-145485975-1998042031-899343709-1000 - Administrator - Enabled) => C:\Users\sebseb ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )µTorrent (HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.3.168 - ACD Systems International Inc.)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)Adobe Reader XI (11.0.12) - Romanian (HKLM-x32\...\{AC76BA86-7AD7-1048-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)ATI Catalyst Install Manager (HKLM\...\{61D4B846-49F8-2639-A4EB-977875265F37}) (Version: 3.0.769.0 - ATI Technologies, Inc.)AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies)AVG 2015 (Version: 15.0.4401 - AVG Technologies) HiddenAVG 2015 (Version: 15.0.6125 - AVG Technologies) HiddenBattle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.67.1076 - AB Team, d.o.o.)ccc-core-static (x32 Version: 2010.0426.2136.36953 - ATI) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.26.0 - Conexant)Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)DFX for Winamp (HKLM-x32\...\DFX for Winamp) (Version: 9.103.0.0 - Power Technology)Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) HiddenHeroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.740 - Kaspersky Lab)Kaspersky Security Scan (x32 Version: 15.0.0.740 - Kaspersky Lab) HiddenLeague of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenMalwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)Mozilla Thunderbird 24.6.0 (x86 ro) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 ro)) (Version: 24.6.0 - Mozilla)PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) HiddenPowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)Smart Bill Standard 2014 (HKLM-x32\...\Smart Bill Standard) (Version: 2.0.2 - Intelligent IT)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)TOSHIBA ConfigFree (HKLM-x32\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.34 - TOSHIBA CORPORATION)TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)Winamp Detector Plug-in (HKU\S-1-5-21-145485975-1998042031-899343709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {107CD789-D0FC-41B0-98FA-E8653AB975D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)Task: {14D576B5-371F-4009-B3A3-4BE3B17025B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)Task: {69CA6C37-1533-4BFA-A573-97B410C11160} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-04] (TOSHIBA CORPORATION)Task: {9AD4BC67-2D55-4417-BDB5-2F99BE8B77A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)Task: {D6864AEB-4256-4208-8A2B-53B5FDCF3266} - System32\Tasks\0215avUpdateInfo => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe [2015-02-17] ()Task: {FBDA8699-00BA-411F-97D2-C99B52E29C4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2010-04-08 03:07 - 2010-04-08 03:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll2009-11-04 00:26 - 2009-11-04 00:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll2010-03-04 01:15 - 2010-03-04 01:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll2010-03-04 01:15 - 2010-03-04 01:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll2015-03-03 10:28 - 2009-06-23 01:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll2009-03-13 06:08 - 2009-03-13 06:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll2009-10-13 21:00 - 2009-10-13 21:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2015-03-03 10:39 - 2015-03-03 10:39 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2015-06-03 13:44 - 2015-06-03 13:44 - 00315648 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll2015-06-03 13:50 - 2015-06-03 13:50 - 00267264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\webcore.dll2015-06-03 13:50 - 2015-06-03 13:50 - 41268224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll2015-06-03 13:50 - 2015-06-03 13:50 - 01402368 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll2015-06-03 13:50 - 2015-06-03 13:50 - 00212992 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll2015-03-20 21:02 - 2015-07-03 19:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll2015-03-20 21:02 - 2015-07-03 19:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll2015-03-20 21:02 - 2015-07-03 19:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll2015-03-20 21:02 - 2015-07-03 19:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll2015-03-20 21:02 - 2015-08-19 23:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll2015-03-20 21:02 - 2014-12-02 00:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll2015-03-20 21:02 - 2014-12-02 00:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll2015-03-20 21:02 - 2015-08-19 23:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2015-07-22 16:48 - 2015-07-27 04:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll2015-03-20 21:02 - 2015-07-03 19:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2015-08-21 15:49 - 2015-08-18 08:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll2015-08-21 15:49 - 2015-08-18 08:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-145485975-1998042031-899343709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sebseb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 93.170.123.36 - 8.8.8.8HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{9713D1F2-AF42-4905-92F8-1D3458C0582F}C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [uDP Query User{18C886F6-985C-4BD5-BE94-B26A0431008A}C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2014\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [{8D5E76F5-1634-4B6D-A869-9AFDFA33AE0C}] => (Allow) C:\Smart Bill Standard 2014\libj\launch4j-tmp\Smart Bill Standard.exeFirewallRules: [TCP Query User{0FB143E0-E03C-45DD-8758-CD1B3FE94EC9}C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [uDP Query User{9692EEA5-A740-4273-A8ED-19A88355CB88}C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exe] => (Allow) C:\smart bill standard 2015\libj\launch4j-tmp\smart bill standard.exeFirewallRules: [{26205FFD-921F-4007-B40A-07433B39B4B7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exeFirewallRules: [{4C6F40C7-CAD0-455F-8B0D-16FA1D6A659C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exeFirewallRules: [TCP Query User{8C50F038-86D9-4736-83E3-0A9DECA246C1}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [uDP Query User{2FE5FF0B-C46E-4C22-94A0-F13EA9DF5565}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [{663DAA57-AF0E-4A85-82D1-CBAACAB64468}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{0D66D07B-1F93-443D-AC30-8605D8B050DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{41372711-6C77-4241-968E-A4A45E79A709}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{1979ECAF-F6F2-4B2B-A600-4C3B3CA5C211}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{0792E106-8B5F-40F7-B03B-ACAF37EAB88A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exeFirewallRules: [{7DE95AA9-6C0E-43DF-AC75-D4CEF1BE5B72}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exeFirewallRules: [{C3BFEA85-8068-4496-92A9-FE6209FBA12F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [TCP Query User{831E9EE1-3CEC-457A-A5B9-7A84A4521CC0}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [uDP Query User{EF2F94A3-64B6-49DF-BED3-6D5DFEB27317}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exeFirewallRules: [{D6FAAAFA-C15D-4A62-9C6C-35F6FB06F774}] => (Allow) D:\Program Files (x86)\battlenet\Battle.net\Battle.net.exeFirewallRules: [{3D175A2E-24FC-4A13-A257-76518969A476}] => (Allow) D:\Program Files (x86)\battlenet\Battle.net\Battle.net.exeFirewallRules: [TCP Query User{E56531BC-BAEC-41C5-A402-8D40EC3168DF}D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exeFirewallRules: [uDP Query User{638F06E3-5A7A-48B4-93A0-D9936A987545}D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games (x86)\heroes of the storm\heroes of the storm\versions\base35702\heroesofthestorm_x64.exeFirewallRules: [{5F99DF7B-107C-492D-975E-A5990F839D6D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{35ADD663-943C-4CFD-8AE8-90A8C6F2AE03}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{CC119F7B-17D2-451B-9298-4C8EC6BB4C50}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{4BCAED69-7F80-46F5-B02F-478168C03102}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{FE6E1152-01F5-4541-BA72-6653D10CBEB7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{267A6339-C9E5-4BDD-8271-215DA0CA80EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{F6EE0269-F47D-4ADF-AC15-6EB8386165CB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{C1E54E9A-36CB-4BC5-8B79-A3CECFF7EFCC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{896841F7-2AA1-46BC-B726-26BB77E6D5C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (08/21/2015 09:54:02 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:48:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 03:45:06 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/19/2015 05:21:35 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/18/2015 03:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/17/2015 04:15:12 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 01:28:49 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/15/2015 02:33:56 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2015 06:49:18 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/13/2015 02:46:36 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (08/21/2015 09:55:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (08/21/2015 09:55:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (08/21/2015 08:36:13 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/21/2015 04:26:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service. Error: (08/20/2015 04:48:35 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/19/2015 01:54:52 AM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/17/2015 10:03:43 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/16/2015 11:04:28 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/15/2015 08:50:38 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (08/15/2015 03:41:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. Microsoft Office:========================= ==================== Memory info =========================== Processor: Intel® Core i5 CPU M 450 @ 2.40GHzPercentage of memory in use: 78%Total physical RAM: 3957.86 MBAvailable physical RAM: 844.26 MBTotal Virtual: 7913.9 MBAvailable Virtual: 3918 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:34.08 GB) (Free:3.45 GB) NTFSDrive d: () (Fixed) (Total:263.91 GB) (Free:24.23 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 18938AD1)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=34.1 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=263.9 GB) - (Type=07 NTFS) ==================== End of log ============================ RogueKiller V10.10.1.0 [Aug 17 2015] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : sebseb [Administrator]Started from : C:\Users\sebseb\Desktop\RogueKiller.exeMode : Scan -- Date : 08/22/2015 00:46:00 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 6 ¤¤¤[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1B57B31B-F51E-4EA6-A472-101DA28592E8} | DhcpNameServer : 93.170.123.36 8.8.8.8 ([CZ][-]) -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤+++++ PhysicalDrive0: Hitachi HTS545032B9A300 +++++--- User ---[MBR] 481350206ee1861da549dcf8cd7cc011[bSP] 7707e08fd20096851f6401b0d00bd206 : Windows Vista/7/8|VT.Unknown MBR CodePartition table:0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 34899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 71680000 | Size: 270244 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]User = LL1 ... OKUser = LL2 ... OK