Hi 2 more scans farbar completed thanks
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Ray at 2015-04-04 21:54:52
Running from C:\Users\Ray\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Spybot - Search and Destroy (Disabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{35CC81F8-F385-4B79-91A8-3163420F5D01}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
Ad-Aware Web Companion (Version: 1.1.894.1779 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudioBox USB driver (HKLM\...\USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB) (Version: - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v6.40.00(T) - TOSHIBA CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Convert Genius v3.0 (HKLM\...\Convert Genius_is1) (Version: 3.0 - ACAUtilities, Inc.)
Desktop iCalendar Lite (HKLM\...\Desktop iCalendar Lite_is1) (Version: - Desksware, Inc.)
DVD Architect Studio 5.0 (HKLM\...\{E3D1078F-9660-11E2-9E28-F04DA23A5C58}) (Version: 5.0.178 - Sony)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Evidence Smart v3.8 (HKLM\...\Evidence Smart_is1) (Version: 3.8 - ACAUtilities, Inc.)
FFmpeg v0.6.2 for Audacity (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited)
FormatFactory 3.3.5.0 (HKLM\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LavasoftTcpService (Version: 2.3.3.0 - Lavasoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Studio Platinum 12.0 (HKLM\...\{6880D25E-9588-11E2-946C-F04DA23A5C58}) (Version: 12.0.895 - Sony)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MYOB AccountRight Plus v19.7 (HKLM\...\InstallShield_{99E420FC-372C-4107-BA85-4CC44E265C2A}) (Version: 19.7 - MYOB Technology Pty Ltd)
MYOB AccountRight Plus v19.7 (Version: 19.7 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM\...\InstallShield_{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
PreSonus Studio One 2 (HKLM\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Recoveryer Ultimate Edition 2.5 (HKLM\...\Recoveryer Ultimate Edition_is1) (Version: - http://www.acautilities.com/rc/)
RegAlyzer (HKLM\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Registry Easy v5.6 (HKLM\...\Registry Easy_is1) (Version: 5.6 - ACAUtilities, Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Vocal Eraser (HKLM\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM\...\{75648F62-925B-11E2-B9EF-F04DA23A5C58}) (Version: 10.0.245 - Sony)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Download Capture version 4.9.0 (HKLM\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.0 - APOWERSOFT LIMITED)
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSDC Free Video Editor version 2.1.8.150 (HKLM\...\VSDC Free Video Editor_is1) (Version: 2.1.8.150 - Flash-Integro LLC)
Web Companion (HKLM\...\{6531A1EB-1C55-4577-964C-9140D918CB29}_WebCompanion) (Version: 1.1.894.1779 - Lavasoft)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtExt.dll (TOSHIBA)
==================== Restore Points =========================
23-03-2015 00:56:55 Windows Backup
23-03-2015 12:47:33 Windows Update
27-03-2015 23:09:06 Windows Update
29-03-2015 12:10:12 Restore Point Created by FRST
29-03-2015 19:00:03 Windows Backup
01-04-2015 00:16:43 Windows Update
04-04-2015 09:58:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 13:04 - 2015-03-24 22:36 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {19B32017-B8B4-4AE8-9F32-5DF479BBDDD1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {29A94A78-9989-4AA9-849C-D0549AD3CC1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-20] (Piriform Ltd)
Task: {3C3A5F8F-392A-44D7-B463-4BD79FFD09BE} - System32\Tasks\{01A379E2-0855-4A20-BA7A-287AC744EEE8} => pcalua.exe -a "C:\Program Files\Toshiba\Bluetooth Toshiba Stack\As0.exe" -d "C:\Program Files\Toshiba\Bluetooth Toshiba Stack" -c /MODE=0 /q
Task: {4EF50C74-FF7A-4DB7-8C71-5D4EDE709195} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8EC26925-9073-49E1-8F5F-FDC9E3097D37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22] (Adobe Systems Incorporated)
Task: {909D7733-86EA-4E37-B023-BE1C49ECEFB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {9B828AB8-FDB6-4A71-BA7E-C35E05B03E27} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C39E7B09-1360-414A-ACE2-CAF6ADE6D412} - System32\Tasks\{81E40D9F-EC32-43C1-8BF0-2091D72D5A30} => pcalua.exe -a "G:\DRIVERS and SOFTWARE PROGRAMS\DocuPrint M205b\fxdpm205bhb110210w2kcien.EXE" -d "G:\DRIVERS and SOFTWARE PROGRAMS\DocuPrint M205b"
Task: {D1EB0593-7D7C-403C-97E4-9D44BBDED797} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-10 18:49 - 2015-03-10 18:49 - 02563592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02423264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00110104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00022032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-02-18 22:31 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-18 22:31 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-18 22:31 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-10 18:49 - 2015-03-10 18:49 - 08216048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00048152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00090128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00029712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00405520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01632248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00870408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00072512 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00176488 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00046408 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-02-23 13:03 - 2015-02-23 13:03 - 00120152 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-02-18 22:31 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00670808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 10575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00634896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00592896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00415760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00640512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00087536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00104944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00770064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00692768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00866304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00217600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00806408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00182280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00873480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01019896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00030224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00769544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00897040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00194048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00711672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00677376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02370056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02667008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01013768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00046616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00998408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00766960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00304632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02125840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00973304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00928280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00017768 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-02-23 13:02 - 2015-02-23 13:02 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00034152 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: IHProtect Service => 2
MSCONFIG\Services: nefuquko => 2
MSCONFIG\Services: serverjo => 2
MSCONFIG\Services: serversu => 2
MSCONFIG\Services: voxilyni => 2
MSCONFIG\Services: WindowsMangerProtect => 2
==================== Accounts: =============================
Administrator (S-1-5-21-2577715357-3074203239-3946342261-500 - Administrator - Disabled)
Guest (S-1-5-21-2577715357-3074203239-3946342261-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2577715357-3074203239-3946342261-1002 - Limited - Enabled)
Ray (S-1-5-21-2577715357-3074203239-3946342261-1001 - Administrator - Enabled) => C:\Users\Ray
==================== Faulty Device Manager Devices =============
Name: GT-N7000
Description: GT-N7000
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2015 09:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/04/2015 09:22:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Desktop iCalendar Lite.exe, version: 2.0.0.290, time stamp: 0x51d7ac45
Faulting module name: mscorwks.dll, version: 2.0.50727.5485, time stamp: 0x53a121fa
Exception code: 0x80131506
Fault offset: 0x001c2812
Faulting process id: 0x%9
Faulting application start time: 0xDesktop iCalendar Lite.exe0
Faulting application path: Desktop iCalendar Lite.exe1
Faulting module path: Desktop iCalendar Lite.exe2
Report Id: Desktop iCalendar Lite.exe3
Error: (04/04/2015 09:22:52 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (6F032812) (80131506)
Error: (04/04/2015 09:52:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2015 00:30:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 08:36:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 00:57:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 00:11:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 09:49:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2015 06:28:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/04/2015 09:54:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:54:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/04/2015 09:53:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058
Error: (04/04/2015 09:53:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IE Search Set service to connect.
Error: (04/04/2015 09:53:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:53:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/04/2015 09:52:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Media Center Extender Service service depends on the Remote Desktop Services service which failed to start because of the following error:
%%1058
Error: (04/04/2015 09:49:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/04/2015 09:52:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:52:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Microsoft Office Sessions:
=========================
Error: (03/07/2015 00:32:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6428 seconds with 1080 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-04-01 01:11:52.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-30 11:00:01.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-30 10:00:00.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-29 19:00:01.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 00:00:01.987
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 23:43:38.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 23:11:25.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 22:58:52.533
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 22:33:38.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-26 18:19:01.801
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 34%
Total physical RAM: 3066.89 MB
Available physical RAM: 2017.8 MB
Total Pagefile: 6133.77 MB
Available Pagefile: 4954.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:39.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D6B83A66)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ray (administrator) on QOSMIO on 04-04-2015 21:54:25
Running from C:\Users\Ray\Desktop
Loaded Profiles: Ray (Available profiles: Ray)
Platform: Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Desksware) C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Desktop iCalendar Lite.exe] => C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe [1087232 2013-07-06] (Desksware)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-20] (Piriform Ltd)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1298752 2015-02-23] (Lavasoft)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Policies\Explorer: [NoSaveSettings] 1
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Policies\Explorer: [link] 0x00000000
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: {c3f238a3-49f1-11e3-bfb8-001eec3fd11f} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_cnet_150302&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D030215-AE491287838034FE996F&form=CONBDF&conlogo=CT3331986&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_cnet_150302&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop.com/internet/pcpConnCheck.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 48 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\3er9z533.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
FF NewTab: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-02-18] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-02-23] (Lavasoft Limited)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1740760 2014-09-03] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-02-23] ()
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [57216 2011-07-11] (TOSHIBA Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [31864 2009-12-07] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [401016 2009-12-07] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [40568 2009-12-07] (Ploytec GmbH)
R1 SDHookDriver; C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys [46336 2014-04-25] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 21:54 - 2015-04-04 21:54 - 00011656 _____ () C:\Users\Ray\Desktop\FRST.txt
2015-03-29 13:05 - 2015-03-29 13:05 - 00001969 _____ () C:\Users\Ray\Desktop\EsetThreatFound.txt
2015-03-29 12:22 - 2015-03-29 12:22 - 00000000 ____D () C:\Program Files\ESET
2015-03-24 23:24 - 2015-03-24 23:24 - 00002703 _____ () C:\Users\Ray\Desktop\RKreport_SCN_03242015_231402.log
2015-03-24 23:05 - 2015-04-01 01:06 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-24 23:05 - 2015-03-24 23:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-24 22:58 - 2015-03-24 23:03 - 16727128 _____ () C:\Users\Ray\Desktop\RogueKiller.exe
2015-03-24 22:13 - 2015-03-24 22:13 - 01135104 _____ (Farbar) C:\Users\Ray\Desktop\FRST.exe
2015-03-22 12:19 - 2015-03-22 12:22 - 00000000 ____D () C:\Users\Ray\Documents\1FITNESS
2015-03-17 12:48 - 2015-03-17 12:48 - 00000529 _____ () C:\Users\Ray\Desktop\aswMBR.txt
2015-03-17 12:11 - 2015-04-04 21:54 - 00000000 ____D () C:\FRST
2015-03-17 12:08 - 2015-03-17 12:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-QOSMIO-Windows-7-Home-Premium-(32-bit).dat
2015-03-17 12:07 - 2015-03-17 12:07 - 00000000 ____D () C:\RegBackup
2015-03-17 11:59 - 2015-03-17 11:59 - 00002185 _____ () C:\Users\Ray\Desktop\Tweaking.com - Registry Backup.lnk
2015-03-17 11:59 - 2015-03-17 11:59 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-03-17 11:59 - 2015-03-17 11:59 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-03-14 19:03 - 2015-04-04 21:51 - 00001456 _____ () C:\Windows\setupact.log
2015-03-14 19:03 - 2015-03-14 19:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-14 19:02 - 2015-03-24 22:39 - 00004920 _____ () C:\Windows\PFRO.log
2015-03-14 18:00 - 2015-03-14 18:00 - 00000000 ____D () C:\CrimeWatch
2015-03-14 16:51 - 2015-03-14 16:51 - 00000000 ____D () C:\Users\Ray\AppData\Local\CrimeWatch
2015-03-14 16:50 - 2015-03-14 16:50 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-14 16:50 - 2015-03-14 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-14 16:50 - 2015-03-14 16:50 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-14 16:37 - 2015-03-14 16:37 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\omniboxes
2015-03-14 08:24 - 2015-03-14 08:24 - 00000000 ____D () C:\Users\Ray\Documents\TagsRevisited
2015-03-13 18:26 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 18:26 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 18:26 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 18:26 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 18:26 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 18:26 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 18:26 - 2015-02-20 13:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 18:26 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 18:26 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 18:26 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 18:26 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 18:26 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 18:26 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 18:26 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 18:26 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 18:26 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 18:26 - 2015-02-20 12:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 18:26 - 2015-02-20 12:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 18:26 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 18:26 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 18:26 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 18:26 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 18:26 - 2015-02-20 12:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 18:26 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 18:26 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 18:26 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 18:26 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 18:25 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 18:25 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 18:25 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 18:22 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 18:22 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 18:22 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 18:21 - 2015-02-26 14:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 18:17 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 18:16 - 2015-03-06 16:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 18:16 - 2015-03-06 16:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 18:16 - 2015-03-06 16:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 18:16 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 18:16 - 2015-03-06 16:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 18:16 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 18:16 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 18:16 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 18:16 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 18:16 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 18:15 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-13 18:15 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 18:15 - 2015-02-03 14:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 18:15 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 18:15 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 18:15 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 18:15 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 18:15 - 2015-02-03 14:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 18:15 - 2015-02-03 14:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 18:15 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 18:15 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 18:15 - 2015-02-03 14:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 18:15 - 2015-02-03 13:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 18:15 - 2015-01-31 10:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 18:15 - 2014-11-01 09:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 18:15 - 2014-06-28 11:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 18:15 - 2014-06-28 11:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 07:52 - 2015-03-11 07:52 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 21:53 - 2015-03-03 00:53 - 00002321 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-04-04 21:52 - 2009-07-14 15:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-04 21:49 - 2013-11-11 15:55 - 01530301 _____ () C:\Windows\WindowsUpdate.log
2015-04-04 21:44 - 2015-02-17 23:12 - 00000000 ____D () C:\Users\Ray\Documents\VViruuus info
2015-04-04 21:22 - 2015-02-17 20:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-04 10:00 - 2009-07-14 15:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:00 - 2009-07-14 15:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 09:59 - 2010-11-21 08:01 - 00730320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-03 04:50 - 2014-10-31 09:18 - 00000000 ____D () C:\Users\Ray\Documents\ABORIGINAL INFORATION
2015-04-01 01:05 - 2013-11-27 22:42 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\vlc
2015-04-01 00:54 - 2014-11-11 02:19 - 00000000 ____D () C:\Program Files\Registry Easy
2015-03-30 11:15 - 2014-11-11 02:45 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-30 10:43 - 2013-11-10 23:28 - 00000000 ____D () C:\Plus19
2015-03-30 09:49 - 2013-11-10 23:00 - 00000204 _____ () C:\Windows\MYOBP.INI
2015-03-30 09:49 - 2013-11-10 23:00 - 00000039 _____ () C:\Windows\MYOB.INI
2015-03-29 17:34 - 2013-11-19 11:29 - 00000000 ____D () C:\Users\Ray\Documents\SEA RAY INVOICES
2015-03-29 12:01 - 2013-01-12 16:18 - 00000000 _____ () C:\sparkraw.log
2015-03-24 21:35 - 2013-11-23 23:37 - 00000000 ____D () C:\Program Files\KEEPASS
2015-03-24 21:03 - 2013-11-10 22:07 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-03-22 10:28 - 2014-06-17 01:25 - 00000000 ____D () C:\Users\Ray\AppData\Local\Adobe
2015-03-22 10:16 - 2013-11-11 13:10 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-22 10:16 - 2013-11-11 13:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-16 13:24 - 2009-07-14 15:53 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-14 19:30 - 2009-07-14 13:37 - 00000000 ____D () C:\Windows\rescache
2015-03-14 18:24 - 2015-03-04 17:23 - 00000000 ____D () C:\Users\Ray\Documents\CCleaner reg backup
2015-03-14 17:57 - 2015-02-21 22:36 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-14 17:57 - 2015-02-21 22:36 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-14 16:37 - 2013-11-10 20:58 - 00001306 _____ () C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-14 16:31 - 2009-07-14 13:37 - 00000000 ____D () C:\Windows\Resources
2015-03-14 16:12 - 2015-02-09 12:34 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-14 16:11 - 2013-11-18 23:19 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\Audacity
2015-03-14 08:45 - 2009-07-14 15:33 - 00406048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 08:16 - 2013-11-12 23:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-13 21:11 - 2013-11-12 23:34 - 00000000 ____D () C:\Users\Ray\Documents\Netbank receipts Bank Statements
2015-03-11 08:09 - 2015-03-03 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
==================== Files in the root of some directories =======
2014-09-22 12:46 - 2014-09-22 12:46 - 0004454 _____ () C:\Users\Ray\AppData\Local\recently-used.xbel
2014-09-14 17:38 - 2015-02-27 23:15 - 0007667 _____ () C:\Users\Ray\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Ray\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-29 10:19
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Ray at 2015-04-04 21:54:52
Running from C:\Users\Ray\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Spybot - Search and Destroy (Disabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{35CC81F8-F385-4B79-91A8-3163420F5D01}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
Ad-Aware Web Companion (Version: 1.1.894.1779 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudioBox USB driver (HKLM\...\USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB) (Version: - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v6.40.00(T) - TOSHIBA CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Convert Genius v3.0 (HKLM\...\Convert Genius_is1) (Version: 3.0 - ACAUtilities, Inc.)
Desktop iCalendar Lite (HKLM\...\Desktop iCalendar Lite_is1) (Version: - Desksware, Inc.)
DVD Architect Studio 5.0 (HKLM\...\{E3D1078F-9660-11E2-9E28-F04DA23A5C58}) (Version: 5.0.178 - Sony)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Evidence Smart v3.8 (HKLM\...\Evidence Smart_is1) (Version: 3.8 - ACAUtilities, Inc.)
FFmpeg v0.6.2 for Audacity (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FileAlyzer 2 (HKLM\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited)
FormatFactory 3.3.5.0 (HKLM\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LavasoftTcpService (Version: 2.3.3.0 - Lavasoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Studio Platinum 12.0 (HKLM\...\{6880D25E-9588-11E2-946C-F04DA23A5C58}) (Version: 12.0.895 - Sony)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MYOB AccountRight Plus v19.7 (HKLM\...\InstallShield_{99E420FC-372C-4107-BA85-4CC44E265C2A}) (Version: 19.7 - MYOB Technology Pty Ltd)
MYOB AccountRight Plus v19.7 (Version: 19.7 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM\...\InstallShield_{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
PreSonus Studio One 2 (HKLM\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Recoveryer Ultimate Edition 2.5 (HKLM\...\Recoveryer Ultimate Edition_is1) (Version: - http://www.acautilities.com/rc/)
RegAlyzer (HKLM\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Registry Easy v5.6 (HKLM\...\Registry Easy_is1) (Version: 5.6 - ACAUtilities, Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Vocal Eraser (HKLM\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM\...\{75648F62-925B-11E2-B9EF-F04DA23A5C58}) (Version: 10.0.245 - Sony)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Download Capture version 4.9.0 (HKLM\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.0 - APOWERSOFT LIMITED)
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSDC Free Video Editor version 2.1.8.150 (HKLM\...\VSDC Free Video Editor_is1) (Version: 2.1.8.150 - Flash-Integro LLC)
Web Companion (HKLM\...\{6531A1EB-1C55-4577-964C-9140D918CB29}_WebCompanion) (Version: 1.1.894.1779 - Lavasoft)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtExt.dll (TOSHIBA)
==================== Restore Points =========================
23-03-2015 00:56:55 Windows Backup
23-03-2015 12:47:33 Windows Update
27-03-2015 23:09:06 Windows Update
29-03-2015 12:10:12 Restore Point Created by FRST
29-03-2015 19:00:03 Windows Backup
01-04-2015 00:16:43 Windows Update
04-04-2015 09:58:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 13:04 - 2015-03-24 22:36 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {19B32017-B8B4-4AE8-9F32-5DF479BBDDD1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {29A94A78-9989-4AA9-849C-D0549AD3CC1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-20] (Piriform Ltd)
Task: {3C3A5F8F-392A-44D7-B463-4BD79FFD09BE} - System32\Tasks\{01A379E2-0855-4A20-BA7A-287AC744EEE8} => pcalua.exe -a "C:\Program Files\Toshiba\Bluetooth Toshiba Stack\As0.exe" -d "C:\Program Files\Toshiba\Bluetooth Toshiba Stack" -c /MODE=0 /q
Task: {4EF50C74-FF7A-4DB7-8C71-5D4EDE709195} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8EC26925-9073-49E1-8F5F-FDC9E3097D37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22] (Adobe Systems Incorporated)
Task: {909D7733-86EA-4E37-B023-BE1C49ECEFB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {9B828AB8-FDB6-4A71-BA7E-C35E05B03E27} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C39E7B09-1360-414A-ACE2-CAF6ADE6D412} - System32\Tasks\{81E40D9F-EC32-43C1-8BF0-2091D72D5A30} => pcalua.exe -a "G:\DRIVERS and SOFTWARE PROGRAMS\DocuPrint M205b\fxdpm205bhb110210w2kcien.EXE" -d "G:\DRIVERS and SOFTWARE PROGRAMS\DocuPrint M205b"
Task: {D1EB0593-7D7C-403C-97E4-9D44BBDED797} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-10 18:49 - 2015-03-10 18:49 - 02563592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02423264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00110104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00022032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-02-18 22:31 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-18 22:31 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-18 22:31 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-10 18:49 - 2015-03-10 18:49 - 08216048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00048152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00090128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00029712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00405520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01632248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00870408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00072512 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00176488 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00046408 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-02-23 13:03 - 2015-02-23 13:03 - 00120152 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-02-18 22:31 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00670808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 10575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00634896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00592896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00415760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00640512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00087536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00104944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00770064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00692768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00866304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00217600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00806408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00182280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00873480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01019896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00030224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00769544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00897040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00194048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00711672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00677376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02370056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02667008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01013768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00046616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00998408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00766960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00304632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02125840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00973304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00928280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00017768 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-02-23 13:02 - 2015-02-23 13:02 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-02-23 13:02 - 2015-02-23 13:02 - 00034152 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: IHProtect Service => 2
MSCONFIG\Services: nefuquko => 2
MSCONFIG\Services: serverjo => 2
MSCONFIG\Services: serversu => 2
MSCONFIG\Services: voxilyni => 2
MSCONFIG\Services: WindowsMangerProtect => 2
==================== Accounts: =============================
Administrator (S-1-5-21-2577715357-3074203239-3946342261-500 - Administrator - Disabled)
Guest (S-1-5-21-2577715357-3074203239-3946342261-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2577715357-3074203239-3946342261-1002 - Limited - Enabled)
Ray (S-1-5-21-2577715357-3074203239-3946342261-1001 - Administrator - Enabled) => C:\Users\Ray
==================== Faulty Device Manager Devices =============
Name: GT-N7000
Description: GT-N7000
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2015 09:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/04/2015 09:22:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Desktop iCalendar Lite.exe, version: 2.0.0.290, time stamp: 0x51d7ac45
Faulting module name: mscorwks.dll, version: 2.0.50727.5485, time stamp: 0x53a121fa
Exception code: 0x80131506
Fault offset: 0x001c2812
Faulting process id: 0x%9
Faulting application start time: 0xDesktop iCalendar Lite.exe0
Faulting application path: Desktop iCalendar Lite.exe1
Faulting module path: Desktop iCalendar Lite.exe2
Report Id: Desktop iCalendar Lite.exe3
Error: (04/04/2015 09:22:52 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (6F032812) (80131506)
Error: (04/04/2015 09:52:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2015 00:30:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 08:36:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 00:57:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 00:11:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 09:49:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2015 06:28:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/04/2015 09:54:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:54:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/04/2015 09:53:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058
Error: (04/04/2015 09:53:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IE Search Set service to connect.
Error: (04/04/2015 09:53:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:53:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/04/2015 09:52:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Media Center Extender Service service depends on the Remote Desktop Services service which failed to start because of the following error:
%%1058
Error: (04/04/2015 09:49:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/04/2015 09:52:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/04/2015 09:52:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Microsoft Office Sessions:
=========================
Error: (03/07/2015 00:32:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6428 seconds with 1080 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-04-01 01:11:52.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-30 11:00:01.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-30 10:00:00.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-29 19:00:01.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 00:00:01.987
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 23:43:38.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 23:11:25.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 22:58:52.533
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-27 22:33:38.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-26 18:19:01.801
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDHook32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 34%
Total physical RAM: 3066.89 MB
Available physical RAM: 2017.8 MB
Total Pagefile: 6133.77 MB
Available Pagefile: 4954.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:39.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D6B83A66)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ray (administrator) on QOSMIO on 04-04-2015 21:54:25
Running from C:\Users\Ray\Desktop
Loaded Profiles: Ray (Available profiles: Ray)
Platform: Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Desksware) C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Desktop iCalendar Lite.exe] => C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe [1087232 2013-07-06] (Desksware)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-20] (Piriform Ltd)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1298752 2015-02-23] (Lavasoft)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Policies\Explorer: [NoSaveSettings] 1
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\Policies\Explorer: [link] 0x00000000
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\...\MountPoints2: {c3f238a3-49f1-11e3-bfb8-001eec3fd11f} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
HKU\S-1-5-21-2577715357-3074203239-3946342261-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_cnet_150302&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D030215-AE491287838034FE996F&form=CONBDF&conlogo=CT3331986&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2577715357-3074203239-3946342261-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10088_cnet_150302&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop.com/internet/pcpConnCheck.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 48 C:\Windows\system32\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\3er9z533.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
FF NewTab: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150302
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-02-18] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-02-23] (Lavasoft Limited)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1740760 2014-09-03] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-02-23] ()
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [57216 2011-07-11] (TOSHIBA Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [31864 2009-12-07] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [401016 2009-12-07] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [40568 2009-12-07] (Ploytec GmbH)
R1 SDHookDriver; C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys [46336 2014-04-25] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 21:54 - 2015-04-04 21:54 - 00011656 _____ () C:\Users\Ray\Desktop\FRST.txt
2015-03-29 13:05 - 2015-03-29 13:05 - 00001969 _____ () C:\Users\Ray\Desktop\EsetThreatFound.txt
2015-03-29 12:22 - 2015-03-29 12:22 - 00000000 ____D () C:\Program Files\ESET
2015-03-24 23:24 - 2015-03-24 23:24 - 00002703 _____ () C:\Users\Ray\Desktop\RKreport_SCN_03242015_231402.log
2015-03-24 23:05 - 2015-04-01 01:06 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-24 23:05 - 2015-03-24 23:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-24 22:58 - 2015-03-24 23:03 - 16727128 _____ () C:\Users\Ray\Desktop\RogueKiller.exe
2015-03-24 22:13 - 2015-03-24 22:13 - 01135104 _____ (Farbar) C:\Users\Ray\Desktop\FRST.exe
2015-03-22 12:19 - 2015-03-22 12:22 - 00000000 ____D () C:\Users\Ray\Documents\1FITNESS
2015-03-17 12:48 - 2015-03-17 12:48 - 00000529 _____ () C:\Users\Ray\Desktop\aswMBR.txt
2015-03-17 12:11 - 2015-04-04 21:54 - 00000000 ____D () C:\FRST
2015-03-17 12:08 - 2015-03-17 12:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-QOSMIO-Windows-7-Home-Premium-(32-bit).dat
2015-03-17 12:07 - 2015-03-17 12:07 - 00000000 ____D () C:\RegBackup
2015-03-17 11:59 - 2015-03-17 11:59 - 00002185 _____ () C:\Users\Ray\Desktop\Tweaking.com - Registry Backup.lnk
2015-03-17 11:59 - 2015-03-17 11:59 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-03-17 11:59 - 2015-03-17 11:59 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-03-14 19:03 - 2015-04-04 21:51 - 00001456 _____ () C:\Windows\setupact.log
2015-03-14 19:03 - 2015-03-14 19:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-14 19:02 - 2015-03-24 22:39 - 00004920 _____ () C:\Windows\PFRO.log
2015-03-14 18:00 - 2015-03-14 18:00 - 00000000 ____D () C:\CrimeWatch
2015-03-14 16:51 - 2015-03-14 16:51 - 00000000 ____D () C:\Users\Ray\AppData\Local\CrimeWatch
2015-03-14 16:50 - 2015-03-14 16:50 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-14 16:50 - 2015-03-14 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-14 16:50 - 2015-03-14 16:50 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-14 16:37 - 2015-03-14 16:37 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\omniboxes
2015-03-14 08:24 - 2015-03-14 08:24 - 00000000 ____D () C:\Users\Ray\Documents\TagsRevisited
2015-03-13 18:26 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 18:26 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 18:26 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 18:26 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 18:26 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 18:26 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 18:26 - 2015-02-20 13:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 18:26 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 18:26 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 18:26 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 18:26 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 18:26 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 18:26 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 18:26 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 18:26 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 18:26 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 18:26 - 2015-02-20 12:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 18:26 - 2015-02-20 12:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 18:26 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 18:26 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 18:26 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 18:26 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 18:26 - 2015-02-20 12:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 18:26 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 18:26 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 18:26 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 18:26 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 18:25 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 18:25 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 18:25 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 18:22 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 18:22 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 18:22 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 18:21 - 2015-02-26 14:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 18:17 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 18:16 - 2015-03-06 16:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 18:16 - 2015-03-06 16:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 18:16 - 2015-03-06 16:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 18:16 - 2015-03-06 16:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 18:16 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 18:16 - 2015-03-06 16:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 18:16 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 18:16 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 18:16 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 18:16 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 18:16 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 18:16 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 18:15 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-13 18:15 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 18:15 - 2015-02-03 14:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 18:15 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 18:15 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 18:15 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 18:15 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 18:15 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 18:15 - 2015-02-03 14:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 18:15 - 2015-02-03 14:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 18:15 - 2015-02-03 14:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 18:15 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 18:15 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 18:15 - 2015-02-03 14:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 18:15 - 2015-02-03 13:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 18:15 - 2015-01-31 10:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 18:15 - 2014-11-01 09:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 18:15 - 2014-06-28 11:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 18:15 - 2014-06-28 11:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 07:52 - 2015-03-11 07:52 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 21:53 - 2015-03-03 00:53 - 00002321 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-04-04 21:52 - 2009-07-14 15:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-04 21:49 - 2013-11-11 15:55 - 01530301 _____ () C:\Windows\WindowsUpdate.log
2015-04-04 21:44 - 2015-02-17 23:12 - 00000000 ____D () C:\Users\Ray\Documents\VViruuus info
2015-04-04 21:22 - 2015-02-17 20:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-04 10:00 - 2009-07-14 15:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:00 - 2009-07-14 15:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 09:59 - 2010-11-21 08:01 - 00730320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-03 04:50 - 2014-10-31 09:18 - 00000000 ____D () C:\Users\Ray\Documents\ABORIGINAL INFORATION
2015-04-01 01:05 - 2013-11-27 22:42 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\vlc
2015-04-01 00:54 - 2014-11-11 02:19 - 00000000 ____D () C:\Program Files\Registry Easy
2015-03-30 11:15 - 2014-11-11 02:45 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-30 10:43 - 2013-11-10 23:28 - 00000000 ____D () C:\Plus19
2015-03-30 09:49 - 2013-11-10 23:00 - 00000204 _____ () C:\Windows\MYOBP.INI
2015-03-30 09:49 - 2013-11-10 23:00 - 00000039 _____ () C:\Windows\MYOB.INI
2015-03-29 17:34 - 2013-11-19 11:29 - 00000000 ____D () C:\Users\Ray\Documents\SEA RAY INVOICES
2015-03-29 12:01 - 2013-01-12 16:18 - 00000000 _____ () C:\sparkraw.log
2015-03-24 21:35 - 2013-11-23 23:37 - 00000000 ____D () C:\Program Files\KEEPASS
2015-03-24 21:03 - 2013-11-10 22:07 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-03-22 10:28 - 2014-06-17 01:25 - 00000000 ____D () C:\Users\Ray\AppData\Local\Adobe
2015-03-22 10:16 - 2013-11-11 13:10 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-22 10:16 - 2013-11-11 13:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-16 13:24 - 2009-07-14 15:53 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-14 19:30 - 2009-07-14 13:37 - 00000000 ____D () C:\Windows\rescache
2015-03-14 18:24 - 2015-03-04 17:23 - 00000000 ____D () C:\Users\Ray\Documents\CCleaner reg backup
2015-03-14 17:57 - 2015-02-21 22:36 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-14 17:57 - 2015-02-21 22:36 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-14 16:37 - 2013-11-10 20:58 - 00001306 _____ () C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-14 16:31 - 2009-07-14 13:37 - 00000000 ____D () C:\Windows\Resources
2015-03-14 16:12 - 2015-02-09 12:34 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-14 16:11 - 2013-11-18 23:19 - 00000000 ____D () C:\Users\Ray\AppData\Roaming\Audacity
2015-03-14 08:45 - 2009-07-14 15:33 - 00406048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 08:16 - 2013-11-12 23:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-13 21:11 - 2013-11-12 23:34 - 00000000 ____D () C:\Users\Ray\Documents\Netbank receipts Bank Statements
2015-03-11 08:09 - 2015-03-03 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
==================== Files in the root of some directories =======
2014-09-22 12:46 - 2014-09-22 12:46 - 0004454 _____ () C:\Users\Ray\AppData\Local\recently-used.xbel
2014-09-14 17:38 - 2015-02-27 23:15 - 0007667 _____ () C:\Users\Ray\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Ray\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-29 10:19
==================== End Of Log ============================