Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Url:mal threats detected


  • This topic is locked This topic is locked

#1
cookie88

cookie88

    Member

  • Member
  • PipPip
  • 15 posts

About a week ago I downloaded a video codec to my machine. After that, I got a lot of random search engine programs download to my computer. I can't remember all the names but there was v9 and vosteran amongst them.

 

I uninstalled them and reset my browser settings, thinking that would be it. But ever since I have been having random pop-up from Avast telling me it's blocked a threat. Unfortunately I can't remember the full location of the threat as of now, but I do know that its always something to do with chrome.exe and its in local app data on my machine. If that makes sense. 

 

I have scanned with avast and items were quarantined. I have also scanned many times with malware bytes and it always removes things but never solves the problem. I have also used Adwcleaner and the software removal tool from google. 

 

My machine runs OK for a few hours and then the alerts start up again. Sometimes I have 12 alerts in one go. Other times just 1. I thought my problems were gone. But then today my google chrome browser would not update, so I uninstalled it, hoping to download a fresh copy. But something is blocking the installation. I can an unknown error come up.

 

I also cannot get IE 11 to install on my machine either. Which means I am stuck with an old copy of opera. 

 

I have attached a log from OTL. Any help would be greatly appreciated. Thank you for reading.

Attached Files

  • Attached File  OTL.Txt   107.58KB   123 downloads

Edited by cookie88, 30 December 2014 - 02:55 PM.

  • 0

Advertisements


#2
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, cookie88. Welcome to Geeks to Go! My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:
  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.
Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

Let's get started :)

 
FRST Scan
  • Download Farbar Recovery Scan Tool and save it to your Desktop.
  • Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Things that should appear in your next post:
  • FRST.txt log content
  • Addition.txt log content

  • 0

#3
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Logs posted below.

 

Thank you for your help.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Lea (administrator) on LEA-PC on 30-12-2014 22:11:32
Running from C:\Users\Lea\Downloads
Loaded Profile: Lea (Available profiles: Lea & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Launcher)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(DSGi) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(TODO: <Company name>) C:\Program Files (x86)\STab\ProtectService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P2\youtubeserv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SearchProtect) C:\Program Files (x86)\STab\CmdShell.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(TODO: <Company name>) C:\Program Files (x86)\STab\HPNotify.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
(BitTorrent Inc.) C:\Users\Lea\AppData\Roaming\uTorrent\uTorrent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Farbar) C:\Users\Lea\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [ADAiO2StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\ADAiO2MUI.exe [2779136 2010-12-09] (DSGi)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ADAiO2StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\ADAiO2MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-21] (AVAST Software)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [Google Update] => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-06] (Google Inc.)
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [uTorrent] => C:\Users\Lea\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2014-12-10] (BitTorrent Inc.)
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [WindApp] => "C:\Users\Lea\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [GoogleChromeAutoLaunch_C63F8F50B803D97E61E75CB961FB0DD5] => "C:\Users\Lea\AppData\Local\Vosteran\Application\vosteran.exe" --auto-launch-at-startup --profile-directory="Default"
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {7fd6b427-97ee-11e2-9134-eca2cd69f851} - E:\Autorun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {7fd6b613-97ee-11e2-9134-eca2cd69f851} - F:\Autorun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {848a37dc-930e-11e2-b27d-df9d82c3ce52} - D:\Autorun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {ca97fde1-adc3-11e1-af3b-74de2be0d183} - D:\AutoRun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {ca97fe00-adc3-11e1-af3b-74de2be0d183} - D:\AutoRun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {ca97fe11-adc3-11e1-af3b-74de2be0d183} - D:\AutoRun.exe
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\MountPoints2: {ca97fe2f-adc3-11e1-af3b-a0972cb61dbb} - D:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearc...r=309151058&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://www.mystartse...q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-826546569-3919575575-2117434215-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {0920DBB1-D098-4ACE-9DDD-7A6F18A9ED66} https://britishgasto...om/HomeVend.cab
DPF: HKLM-x32 {283B7DE7-A1ED-4D27-AA59-C6E7427544D2} https://bg.itronener...yBoxControl.cab
DPF: HKLM-x32 {2A293777-79CA-4DD9-A545-0E1718C0D3CF} https://bg.itronener...yboxControl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/O1DPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default
CHR HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Chrome\Extension: [kljghhlcggnhofdcnlkelobcehdbnfnd] - C:\Users\Lea\AppData\Roaming\Nectar Search Toolbar\Toolbar_production_61465_85.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Advent AIO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [361904 2011-10-14] (DSGi)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
R2 IHProtect Service; C:\Program Files (x86)\STab\ProtectService.exe [158864 2014-11-10] (TODO: <Company name>)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P2; C:\Program Files (x86)\YouTube Downloader Services\P2\youtubeserv.exe [2967160 2014-11-01] (MicroTools)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-13] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-10] (Qualcomm Atheros)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-30 22:07 - 2014-12-30 22:07 - 02123264 _____ (Farbar) C:\Users\Lea\Downloads\FRST64 (1).exe
2014-12-30 20:54 - 2014-12-30 20:54 - 00110166 _____ () C:\Users\Lea\Documents\OTL.Txt
2014-12-30 20:40 - 2014-12-30 20:40 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (2).exe
2014-12-30 20:35 - 2014-12-30 20:35 - 00108978 _____ () C:\Users\Lea\Downloads\Extras.Txt
2014-12-30 20:32 - 2014-12-30 20:53 - 00110166 _____ () C:\Users\Lea\Downloads\OTL.Txt
2014-12-30 20:24 - 2014-12-30 20:25 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (6).exe
2014-12-30 20:17 - 2014-12-30 20:17 - 00651776 _____ () C:\Users\Lea\Downloads\MicrosoftFixit50228.msi
2014-12-30 20:11 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (1).exe
2014-12-30 20:10 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL.exe
2014-12-30 20:07 - 2014-12-30 20:07 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (5).exe
2014-12-30 20:00 - 2014-12-30 20:00 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (4).exe
2014-12-30 19:56 - 2014-12-30 19:56 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (3).exe
2014-12-30 19:55 - 2014-12-30 19:55 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (2).exe
2014-12-30 16:58 - 2014-12-30 16:58 - 00000197 _____ () C:\Windows\system32\2014-12-30-16-58-12.008-AvastVBoxSVC.exe-3512.log
2014-12-29 20:56 - 2014-12-29 20:56 - 00048165 _____ () C:\Users\Lea\Documents\FRST.txt
2014-12-29 20:55 - 2014-12-29 20:55 - 00038357 _____ () C:\Users\Lea\Documents\Addition.txt
2014-12-29 20:48 - 2014-12-29 20:48 - 00004588 _____ () C:\Users\Lea\Documents\mb.txt
2014-12-29 20:43 - 2014-12-29 20:44 - 00038357 _____ () C:\Users\Lea\Downloads\Addition.txt
2014-12-29 20:41 - 2014-12-30 22:11 - 00027715 _____ () C:\Users\Lea\Downloads\FRST.txt
2014-12-29 20:41 - 2014-12-30 22:11 - 00000000 ____D () C:\FRST
2014-12-29 20:40 - 2014-12-29 20:40 - 02123264 _____ (Farbar) C:\Users\Lea\Downloads\FRST64.exe
2014-12-29 16:27 - 2014-12-29 16:28 - 00000197 _____ () C:\Windows\system32\2014-12-29-16-27-59.079-AvastVBoxSVC.exe-2548.log
2014-12-29 14:45 - 2014-12-30 16:57 - 00003962 _____ () C:\Windows\PFRO.log
2014-12-29 11:28 - 2014-12-29 11:28 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-12-29 11:28 - 2014-12-29 11:28 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-12-29 11:27 - 2014-12-29 11:27 - 00753184 _____ () C:\Users\Lea\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-12-29 11:09 - 2014-12-29 11:09 - 00000197 _____ () C:\Windows\system32\2014-12-29-11-09-02.021-AvastVBoxSVC.exe-3984.log
2014-12-29 01:34 - 2014-12-29 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-29-01-34-44.086-AvastVBoxSVC.exe-3768.log
2014-12-29 01:31 - 2014-12-30 16:57 - 00000280 _____ () C:\Windows\setupact.log
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 00:37 - 2014-12-30 20:29 - 00009630 _____ () C:\Windows\IE11_main.log
2014-12-28 20:02 - 2014-12-28 20:02 - 00000000 ____D () C:\Users\Lea\AppData\Local\Chromium
2014-12-28 18:16 - 2014-12-28 18:17 - 00000197 _____ () C:\Windows\system32\2014-12-28-18-16-55.099-AvastVBoxSVC.exe-4388.log
2014-12-27 00:40 - 2014-12-27 00:40 - 00001197 _____ () C:\Users\Lea\po.txt
2014-12-27 00:07 - 2014-12-27 00:07 - 00003268 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000
2014-12-26 21:06 - 2014-12-26 21:06 - 00000197 _____ () C:\Windows\system32\2014-12-26-21-06-01.047-AvastVBoxSVC.exe-4504.log
2014-12-23 23:33 - 2014-12-23 23:33 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 23:31 - 2014-12-23 23:31 - 00000197 _____ () C:\Windows\system32\2014-12-23-23-31-20.058-AvastVBoxSVC.exe-4472.log
2014-12-22 22:52 - 2014-12-22 22:52 - 00000197 _____ () C:\Windows\system32\2014-12-22-22-52-31.003-AvastVBoxSVC.exe-4036.log
2014-12-22 00:58 - 2014-12-22 00:59 - 05317104 _____ (Piriform Ltd) C:\Users\Lea\Downloads\ccsetup501.exe
2014-12-21 23:30 - 2014-12-21 23:30 - 00000197 _____ () C:\Windows\system32\2014-12-21-23-30-10.096-AvastVBoxSVC.exe-3796.log
2014-12-21 22:44 - 2014-12-21 22:44 - 00000197 _____ () C:\Windows\system32\2014-12-21-22-44-36.025-AvastVBoxSVC.exe-1096.log
2014-12-21 20:29 - 2014-12-21 20:29 - 00000197 _____ () C:\Windows\system32\2014-12-21-20-29-39.041-AvastVBoxSVC.exe-3788.log
2014-12-21 19:42 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-42-32.065-aswFe.exe-3544.log
2014-12-21 19:32 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-32-56.033-aswFe.exe-8136.log
2014-12-21 19:32 - 2014-12-21 19:32 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-32-51.097-AvastVBoxSVC.exe-6216.log
2014-12-21 19:21 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-21-49.009-aswFe.exe-5100.log
2014-12-21 19:08 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-08-53.072-aswFe.exe-604.log
2014-12-21 19:08 - 2014-12-21 19:08 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-08-41.015-AvastVBoxSVC.exe-7432.log
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-21 17:40 - 2014-12-21 17:41 - 00000000 ____D () C:\ProgramData\{3B77D3B4-6BF5-0232-DA73-72B00AF1A13E}
2014-12-21 17:39 - 2014-12-21 17:40 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-21 17:39 - 2014-12-21 17:39 - 00000000 ____D () C:\Users\Lea\AppData\Local\StormFall
2014-12-21 17:30 - 2014-12-21 17:30 - 00001994 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-21 17:30 - 2014-12-21 17:30 - 00001934 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-12-21 17:30 - 2014-12-21 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-21 17:28 - 2014-12-21 17:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-21 17:28 - 2014-12-21 17:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-21 17:28 - 2014-12-21 17:27 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-21 17:25 - 2014-12-21 17:25 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-12-21 17:19 - 2014-12-30 17:05 - 00000000 ____D () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800
2014-12-21 17:19 - 2014-12-21 17:19 - 00004614 _____ () C:\Windows\System32\Tasks\Runner IC
2014-12-21 17:15 - 2014-12-29 14:44 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\VOPackage
2014-12-20 23:30 - 2014-12-20 23:30 - 00000671 _____ () C:\Users\Lea\fj.txt
2014-12-16 21:40 - 2014-12-16 21:41 - 03949545 _____ () C:\Users\Lea\Downloads\Week 10 - Academic writing - Part 3.pptx
2014-12-16 21:36 - 2014-12-16 21:36 - 01617371 _____ () C:\Users\Lea\Downloads\Week 11 - Group Presentations.pptx
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 23:21 - 2014-12-13 23:22 - 13087456 _____ (Microsoft Corporation) C:\Users\Lea\Downloads\Silverlight_x64.exe
2014-12-13 02:57 - 2014-12-13 02:57 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-12-13 00:49 - 2014-12-13 02:11 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\vlc
2014-12-13 00:46 - 2014-12-13 00:46 - 24743106 _____ () C:\Users\Lea\Downloads\vlc-2.1.5-win32.exe
2014-12-13 00:44 - 2014-12-13 02:59 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\Store
2014-12-13 00:44 - 2014-12-13 00:44 - 00000857 _____ () C:\Users\Lea\Desktop\Install VLC.lnk
2014-12-13 00:39 - 2014-12-28 22:16 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-13 00:34 - 2014-12-13 00:35 - 00000000 ____D () C:\Users\Lea\AppData\Local\{F1B4641B-6E5B-40AB-AC09-0C6AD40B78A6}
2014-12-13 00:02 - 2014-12-13 00:16 - 00000000 ____D () C:\Users\Lea\Downloads\Soul.Plane.2004.720p.HDTV.DD2.0.x264- EbP
2014-12-13 00:02 - 2014-12-13 00:02 - 00330349 _____ () C:\Users\Lea\Downloads\400787A0A6FDD26974DC72B104B6466B9C9672C8.torrent
2014-12-12 23:45 - 2014-12-12 23:45 - 00014885 _____ () C:\Users\Lea\Downloads\1B56200FF91ED87FB9089DFAF313E3B56276BAE4 (1).torrent
2014-12-12 21:43 - 2014-12-12 21:43 - 00000000 ____D () C:\Users\Lea\Downloads\Convict.2014.HDRip.XviD-SaM[ETRG]
2014-12-12 21:42 - 2014-12-12 21:42 - 00014885 _____ () C:\Users\Lea\Downloads\1B56200FF91ED87FB9089DFAF313E3B56276BAE4.torrent
2014-12-12 19:56 - 2014-12-12 19:56 - 00000000 ____D () C:\showbox
2014-12-12 19:53 - 2014-12-12 20:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-12-12 19:51 - 2014-12-12 19:51 - 13444288 _____ (BlueStack Systems Inc.) C:\Users\Lea\Downloads\BlueStacks-SplitInstaller_native.exe
2014-12-11 12:13 - 2014-12-11 12:13 - 04793344 _____ () C:\Users\Lea\Downloads\Living-Links-measuring-behaviour-ppt (1).ppt
2014-12-11 11:41 - 2014-12-11 11:42 - 04793344 _____ () C:\Users\Lea\Downloads\Living-Links-measuring-behaviour-ppt.ppt
2014-12-10 18:30 - 2014-12-10 18:30 - 00740122 _____ () C:\Users\Lea\Downloads\MOLE Lesson 2- The Scientific Method (1).pptx
2014-12-10 16:48 - 2014-12-10 16:48 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 16:22 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 16:22 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 16:22 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 16:22 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 16:22 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 16:22 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 16:22 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 16:22 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 16:22 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 16:22 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 21:41 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 21:41 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 21:41 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 21:40 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:40 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:40 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:40 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:40 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:40 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:40 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:40 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:40 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:40 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:40 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:40 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:40 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:40 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:40 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:40 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:40 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 16:49 - 2014-12-08 16:49 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (1).exe
2014-12-08 16:48 - 2014-12-08 16:48 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup.exe
2014-12-07 23:27 - 2014-12-17 23:09 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417994842
2014-12-07 23:27 - 2014-12-07 23:27 - 00683496 _____ (Opera Software) C:\Users\Lea\Downloads\Opera_NI_stable.exe
2014-12-07 23:27 - 2014-12-07 23:27 - 00001099 _____ () C:\Users\Public\Desktop\Opera 26.lnk
2014-12-07 23:27 - 2014-12-07 23:27 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 26.lnk
2014-12-07 23:27 - 2014-12-07 23:27 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\Opera Software
2014-12-07 23:27 - 2014-12-07 23:27 - 00000000 ____D () C:\Users\Lea\AppData\Local\Opera Software
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-30 22:11 - 2012-04-10 15:35 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\uTorrent
2014-12-30 22:07 - 2013-08-06 01:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job
2014-12-30 22:04 - 2011-12-05 11:15 - 01226103 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 21:57 - 2012-08-07 15:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 21:44 - 2012-11-17 00:11 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 19:51 - 2012-11-17 00:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 18:22 - 2012-07-23 18:37 - 00000000 ____D () C:\ProgramData\Advent
2014-12-30 17:07 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 17:07 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 16:57 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 01:39 - 2012-04-10 15:39 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\SoftGrid Client
2014-12-29 23:07 - 2013-08-06 01:02 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job
2014-12-29 20:45 - 2014-05-13 11:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 18:47 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-29 14:45 - 2011-10-21 01:42 - 00000000 ____D () C:\Windows\ca
2014-12-29 14:44 - 2014-05-11 21:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-12-29 13:35 - 2012-04-15 11:34 - 00000000 ____D () C:\Users\Lea\AppData\Local\CrashDumps
2014-12-28 19:04 - 2014-11-28 20:17 - 00032689 _____ () C:\Users\Lea\Downloads\software_removal_tool.log
2014-12-28 18:18 - 2014-05-01 16:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-27 00:40 - 2012-04-10 13:36 - 00000000 ____D () C:\Users\Lea
2014-12-22 01:26 - 2012-08-04 23:49 - 00000000 ____D () C:\Windows\Minidump
2014-12-21 17:42 - 2009-07-14 02:34 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-12-21 17:29 - 2014-05-13 12:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-21 17:28 - 2014-05-01 16:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Local\Opera
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-21 17:25 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\Opera
2014-12-15 22:42 - 2009-07-14 05:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 03:01 - 2009-07-14 03:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-13 02:44 - 2012-09-01 11:38 - 00001067 _____ () C:\Windows\wininit.ini
2014-12-13 00:42 - 2014-05-02 00:16 - 00000000 _____ () C:\end
2014-12-11 11:15 - 2011-10-21 01:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-10 16:48 - 2014-05-06 14:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 16:48 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 16:32 - 2013-07-13 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 16:22 - 2012-04-10 20:21 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 22:57 - 2012-08-07 15:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 22:57 - 2012-08-07 15:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 22:57 - 2011-10-21 01:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 20:17 - 2014-08-06 21:25 - 00023703 _____ () C:\Windows\BRRBCOM.INI
2014-12-08 16:51 - 2012-04-10 15:30 - 00000000 ____D () C:\Users\Lea\AppData\Local\Google
2014-12-07 19:24 - 2014-11-15 00:32 - 00000000 ____D () C:\ProgramData\saferweb
2014-12-07 18:41 - 2014-05-13 11:36 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-07 18:41 - 2014-05-13 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-07 18:41 - 2014-05-13 11:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-29 18:35
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Lea at 2014-12-30 22:12:36
Running from C:\Users\Lea\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3018.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.3018.00 - CyberLink Corp.) Hidden
Acer Deep Sleep Settings (HKLM-x32\...\{86F3E556-83B1-47E5-A36B-560A521B999B}) (Version: 1.00.3008 - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0902.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AdC4USelfUpdater (x32 Version: 1.00.0000 - Advent) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ADVENT AIO Printer (HKLM-x32\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 1.3.3.10 - Advent)
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (x32 Version: 1.0.0.0 - DSGi) Hidden
aioscnnr (x32 Version: 1.0.6.0 - DSGi) Hidden
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Edificius (x32 Version: 6.00 - ACCA) Hidden
Edificius v.6.00g (HKLM-x32\...\{614F8F83-BB96-4000-8116-67D1BC132830}) (Version: 6.00g - EN - ACCA software S.p.A.)
ETDWare PS/2-X64 10.0.6.3_WHQL (HKLM\...\Elantech) (Version: 10.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.6.3 (HKLM-x32\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
FinePrint (HKLM\...\FinePrint) (Version: 8.15 - FinePrint Software, LLC)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.18.0 (HKLM-x32\...\{9602841E-ECE2-1019-AAEE-906A4DE25D6B}) (Version: 1.2.18.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
jZip (HKLM-x32\...\jZip) (Version:  - )
Kobo (HKLM-x32\...\Kobo) (Version: 3.10.0 - Rakuten Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{5C20A342-085D-4000-B69D-492F3BA4BF94}) (Version: 1.0 - QualComm Atheros)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sleep Memory Optimizer (HKLM-x32\...\{34BE2594-1D20-4A2E-97A0-B9E2837520AE}) (Version: 1.00.3004 - Acer Incorporated)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
08-12-2014 00:36:44 Windows Update
08-12-2014 17:02:45 Windows Defender Checkpoint
09-12-2014 01:36:57 Windows Update
10-12-2014 16:18:16 Windows Update
13-12-2014 02:59:54 Removed BlueStacks Notification Center
13-12-2014 03:00:13 Windows Update
13-12-2014 04:01:16 Windows Update
13-12-2014 23:16:28 Removed Microsoft Silverlight
14-12-2014 03:00:16 Windows Update
14-12-2014 03:53:45 Windows Update
15-12-2014 22:38:49 Windows Update
16-12-2014 02:34:51 Windows Update
17-12-2014 19:34:08 Windows Update
17-12-2014 23:57:02 Windows Update
18-12-2014 01:57:40 Windows Update
20-12-2014 22:57:33 Windows Update
21-12-2014 00:01:06 Windows Update
21-12-2014 17:14:21 Windows Update
21-12-2014 17:22:25 avast! antivirus system restore point
21-12-2014 17:29:09 Device Driver Package Install: Avast Network Service
21-12-2014 22:34:28 Software Removal Tool
22-12-2014 01:51:39 Windows Update
23-12-2014 00:53:06 Windows Update
26-12-2014 21:09:52 Windows Update
27-12-2014 00:44:33 Windows Update
29-12-2014 00:36:59 Windows Update
29-12-2014 02:03:00 Windows Update
30-12-2014 01:40:10 Windows Update
30-12-2014 20:19:44 Windows Update
30-12-2014 20:22:01 Windows Update
30-12-2014 20:23:53 Windows Update
30-12-2014 20:28:25 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14743BBA-6DF3-44B0-BD30-F953C3F3BB53} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2A38BC47-9D38-46AE-98A6-6BD0D80185A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {37A2C7F1-1C6D-4CB9-BE8C-86B1C1172E68} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {50A37FFF-AC42-49D5-A56C-DA69DE940823} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {5A87B349-189E-4059-A3E9-6C2F98530278} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {5F0D9F42-FB4F-41D5-BC3A-C541F2CFE462} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {77B3CD3C-0AC3-471C-BAFD-9F25CC5A1016} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {7CF07D9A-8C46-48E7-A0B5-0B0A63DE7A02} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-21] (AVAST Software)
Task: {7F56EA38-A7FD-4707-98A6-9B5FB9453768} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {90FAACE9-D03B-46B3-B81C-D86A16112EEE} - System32\Tasks\{A83BC985-A76D-418A-930E-6A952A51D03D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {94D5CC3F-2B72-41A7-AA92-A787FAAB2A21} - System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000 => Chrome.exe 
Task: {958E0E1C-859F-447D-A6F1-B243DD96B103} - System32\Tasks\{6DBB1977-06FA-4253-8C11-919DE8C52E34} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{B742757A-7658-4E09-A51A-085CF0F7F4D3}\Setup.exe" -c  -runfromtemp -l0x0009 UNINSTALL Reg=BHmini13_C2 -removeonly
Task: {978D6381-14D2-43D5-9579-261789B2A134} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {A2DA72CC-38D6-46DF-9126-037C111AF2C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {A362F3C4-C978-4340-A16B-16E1A0D52F59} - System32\Tasks\{2A892629-832C-49CA-A6E0-FD7774B6FB6E} => pcalua.exe -a "C:\Program Files (x86)\Freeven pro 1.2\Uninstall.exe" -c /fcp=1
Task: {BECFE957-BAD9-4282-B922-44244A72745B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C63FD030-9D43-4247-89C6-163AC27A97A4} - System32\Tasks\Runner IC => %LOCALAPPDATA%\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exe
Task: {D9E525AD-4FE4-42FF-B057-D8B601E23AF0} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exe
Task: {DE3D9038-8E72-4F12-B737-0B2DCC601F6D} - System32\Tasks\Opera scheduled Autoupdate 1417994842 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {E130326A-FE90-4CFD-B6D2-8750E3DE15ED} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {EC930452-109B-4A89-A433-5BB5A333B34F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {F701F532-F134-412D-87D0-327C5AB0805B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {F971B0FA-775E-4D9B-9AE9-D0EF7EA4AE5E} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-06 21:23 - 2005-04-22 04:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2011-12-05 18:52 - 2011-08-09 15:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2014-12-18 12:42 - 2014-12-18 12:42 - 00386608 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exe
2014-12-17 23:09 - 2014-12-17 23:09 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
2014-12-29 20:43 - 2014-12-29 20:43 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122901\algo.dll
2014-12-21 17:26 - 2014-12-21 17:26 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-30 16:58 - 2014-12-30 16:58 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123000\algo.dll
2014-12-30 20:10 - 2014-12-30 20:10 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-12-21 17:27 - 2014-12-21 17:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-06 21:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-12-18 12:43 - 2014-12-18 12:43 - 00096816 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\ManXec.dll
2014-12-18 12:42 - 2014-12-18 12:42 - 00079408 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\CmdProc.dll
2014-12-18 12:43 - 2014-12-18 12:43 - 00049200 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\NavSupp.dll
2014-12-18 12:43 - 2014-12-18 12:43 - 00044592 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\PrfIns.dll
2014-12-18 12:43 - 2014-12-18 12:43 - 00054320 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\WbSes.dll
2014-12-18 12:44 - 2014-12-18 12:44 - 00116784 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\WdcMan.dll
2014-12-18 12:43 - 2014-12-18 12:43 - 00122416 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\WblSupp.dll
2014-12-18 12:42 - 2014-12-18 12:42 - 00101936 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Modules\CmnUtls.dll
2014-12-17 23:09 - 2014-12-17 23:09 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libglesv2.dll
2014-12-17 23:09 - 2014-12-17 23:09 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libegl.dll
2014-12-17 23:09 - 2014-12-17 23:09 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\pdf.dll
2014-12-17 23:09 - 2014-12-17 23:09 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\ffmpegsumo.dll
2014-12-30 17:05 - 2014-10-23 08:14 - 01091584 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\libglesv2.dll
2014-12-30 17:05 - 2014-10-23 08:19 - 00167936 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\libEGL.dll
2014-12-30 17:05 - 2014-10-23 08:26 - 08569856 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\pdf.dll
2014-12-30 17:05 - 2014-10-23 08:20 - 00324608 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-12-30 17:05 - 2014-10-23 08:23 - 00880128 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\ffmpegsumo.dll
2014-12-30 17:05 - 2014-09-23 04:07 - 14891848 _____ () C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Chrome-bin\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-826546569-3919575575-2117434215-500 - Administrator - Disabled)
Guest (S-1-5-21-826546569-3919575575-2117434215-501 - Limited - Enabled) => C:\Users\Guest.Lea-PC
HomeGroupUser$ (S-1-5-21-826546569-3919575575-2117434215-1002 - Limited - Enabled)
Lea (S-1-5-21-826546569-3919575575-2117434215-1000 - Administrator - Enabled) => C:\Users\Lea
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/30/2014 08:18:08 PM) (Source: MsiInstaller) (EventID: 10005) (User: Lea-PC)
Description: Product: Microsoft Fix it 50228 -- This Microsoft Fix it does not apply to your operating system or application version.
 
Error: (12/30/2014 04:57:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/29/2014 04:25:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/29/2014 02:45:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/29/2014 01:35:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Runner.exe, version: 0.0.0.0, time stamp: 0x5492c820
Faulting module name: Runner.exe, version: 0.0.0.0, time stamp: 0x5492c820
Exception code: 0xc00000fd
Fault offset: 0x00001c41
Faulting process id: 0x1bd4
Faulting application start time: 0xRunner.exe0
Faulting application path: Runner.exe1
Faulting module path: Runner.exe2
Report Id: Runner.exe3
 
Error: (12/29/2014 11:07:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/29/2014 01:31:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/28/2014 06:18:02 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Optimize download youtube video process because of this error.
 
Program: Optimize download youtube video process
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (12/28/2014 06:18:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: youtubeserv.exe, version: 1.6.7.0, time stamp: 0x5454c8a9
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000096
Fault offset: 0x00048665
Faulting process id: 0xac4
Faulting application start time: 0xyoutubeserv.exe0
Faulting application path: youtubeserv.exe1
Faulting module path: youtubeserv.exe2
Report Id: youtubeserv.exe3
 
Error: (12/28/2014 06:15:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (12/30/2014 09:57:54 PM) (Source: DCOM) (EventID: 10016) (User: Lea-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}Lea-PCLeaS-1-5-21-826546569-3919575575-2117434215-1000LocalHost (Using LRPC)
 
Error: (12/30/2014 09:55:25 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:55:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/30/2014 09:48:57 PM) (Source: DCOM) (EventID: 10016) (User: Lea-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}Lea-PCLeaS-1-5-21-826546569-3919575575-2117434215-1000LocalHost (Using LRPC)
 
Error: (12/30/2014 09:46:47 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (12/30/2014 08:18:08 PM) (Source: MsiInstaller) (EventID: 10005) (User: Lea-PC)
Description: Product: Microsoft Fix it 50228 -- This Microsoft Fix it does not apply to your operating system or application version.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (12/30/2014 04:57:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (12/29/2014 04:25:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (12/29/2014 02:45:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (12/29/2014 01:35:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Runner.exe0.0.0.05492c820Runner.exe0.0.0.05492c820c00000fd00001c411bd401d023585bd08a58C:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exeC:\Users\Lea\AppData\Local\7A95CA11-3011-B740-B402-AA0111F90800\Runner.exe8b95247b-8f5f-11e4-81cf-97e39079a052
 
Error: (12/29/2014 11:07:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (12/29/2014 01:31:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (12/28/2014 06:18:02 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Optimize download youtube video process000000000
 
Error: (12/28/2014 06:18:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: youtubeserv.exe1.6.7.05454c8a9ole32.dll6.1.7601.175144ce7b96fc000009600048665ac401d022ca44ae17eeC:\Program Files (x86)\YouTube Downloader Services\P2\youtubeserv.exeC:\Windows\syswow64\ole32.dlldb36e829-8ebd-11e4-92cf-f693f8999856
 
Error: (12/28/2014 06:15:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2467M CPU @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 3946.19 MB
Available physical RAM: 1206.25 MB
Total Pagefile: 7890.56 MB
Available Pagefile: 3495.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (ACER) (Fixed) (Total:282.85 GB) (Free:153.51 GB) NTFS
Drive d: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF
Drive e: (Sims3EP04) (CDROM) (Total:4.95 GB) (Free:0 GB) UDF
Drive f: (Sims3EP03) (CDROM) (Total:6.76 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4007CF80)
Partition 1: (Not Active) - (Size=15.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=282.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 18.6 GB) (Disk ID: 4007CFAE)
Partition 1: (Not Active) - (Size=18.6 GB) - (Type=84)
 
==================== End Of Log ============================

 


Edited by cookie88, 30 December 2014 - 04:19 PM.

  • 0

#4
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, cookie88.

P2P Warning

I noticed that you have or have had a P2P (Peer-to-Peer) file sharing program on your machine:
  • µTorrent
It is important to stay away from them as they are used to share pirated material. The programs themselves can be safe, but majority of the files shared through them is infected.

Some of things to keep in mind when using P2P programs:
  • Your computer is more likely to get infected with malware, which will result in coming back to our or other forums for help.
  • You may have your important data stolen, including passwords, photos or personal information.
  • You help to share pirated material, which may result in arrest, fines, or even jail time for illegal downloads of copyrighted material.
If I still didn't convince you, please read these short reports about how dangerous it can be to use P2P programs:Whether you remove them or not is your decision. Though I strongly recommend you to uninstall your P2P programs as they most likely will cause problems in the future.

If you choose not to remove them, please refrain from using them until we are done on cleaning your computer.

 
CKScanner
  • Download CKScanner and save it to your Desktop.
  • Right click CKScanner.exe and select Run as administrator.
  • Give permission if necessary, and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please run the program once only.
  • Double-click the CKFiles.txt on your desktop and copy/paste the content in your next reply.

  • 0

#5
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Thank you for your response.

 

Here is the log:

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\nti\acer backup manager\outlookmsgnet32.exe
c:\program files (x86)\nti\acer backup manager\outlookmsgnet64.exe
c:\program files (x86)\nti\acer backup manager\migrate\outlookmsgnet32.exe
c:\program files (x86)\nti\acer backup manager\migrate\outlookmsgnet64.exe
scanner sequence 3.EM.11.HSNAPZ
 ----- EOF ----- 
 
I have removed utorrent.
 
Since uninstalling google chrome, I am now getting the url:mal threats linking to opera.exe now. The only browser I can get to run on my desktop since something is stopping others installing.

Edited by cookie88, 31 December 2014 - 08:07 AM.

  • 0

#6
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi, I have just been reading a similar thread and realised that i ran the farbar recovery tool from the wrong place, do you want me to move it and place fresh logs here?


  • 0

#7
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts

I'm sorry for the delay - New Year and all that...
 

Hi, I have just been reading a similar thread and realised that i ran the farbar recovery tool from the wrong place, do you want me to move it and place fresh logs here?

Right, please, move FRST64.exe to your desktop, but there's no need to do fresh logs.

Instead, please run CKScanner again as there is one line missing from the original scan.

 


  • 0

#8
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
New scan log.
 
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\nti\acer backup manager\outlookmsgnet32.exe
c:\program files (x86)\nti\acer backup manager\outlookmsgnet64.exe
c:\program files (x86)\nti\acer backup manager\migrate\outlookmsgnet32.exe
c:\program files (x86)\nti\acer backup manager\migrate\outlookmsgnet64.exe
scanner sequence 3.BB.11.KGLBLB
 ----- EOF ----- 

  • 0

#9
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, cookie88.

Let's clean up your system.

 
Step #1
FRST Fix
  • Download attached fixlist.txt file to your desktop.
    Attached File  fixlist.txt   5.92KB   147 downloads
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Right click FRST64.exe on your desktop and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
    NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Step #2
AdwCleaner
  • Download AdwCleaner to your Desktop.
  • Close any open windows
  • Disable your Antivirus program
  • Double click AdwCleaner.exe on your desktop to run it
  • Click the OvD9RYN.png button
  • Wait for AdwCleaner to finish the scan
  • When the scan is finished, there will be "Pending. Please uncheck elements you don't want to remove" message. Leave everything as it is and click qKMbAXQ.png button. A Notepad window will be opened
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
Things that should appear in your next post:
  • Fixlog.txt log content
  • AdwCleaner log content

  • 0

#10
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Advertisements


#11
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

User returned. As your logs are almost two weeks old we will need new logs. Nevan will reply with instructions.


  • 0

#12
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, cookie88.

As it's been over a week, please ignore my previous instructions and instead provide new FRST logs. Use the following instructions to do that:

FRST Scan

If you still have FRST64.exe on your desktop, remove it and download a new one.
  • Download Farbar Recovery Scan Tool and save it to your Desktop.
  • Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.

  • 0

#13
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi Nevan,

 

Here are the fresh logs. I no longer receiver url:mal threat warnings. However, I do constantly receiver pop-ups informing me chrome, adobe or silverlight are out of date and need updating. Sometimes my browser pages get re-directed to inform me that chrome is out of date. However, the web address relates to file 7 mirror or something.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Lea (administrator) on LEA-PC on 12-01-2015 22:43:45
Running from C:\Users\Lea\Desktop
Loaded Profile: Lea (Available profiles: Lea & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DSGi) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [ADAiO2StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\ADAiO2MUI.exe [2779136 2010-12-09] (DSGi)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ADAiO2StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\ADAiO2MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [Google Update] => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-06] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-826546569-3919575575-2117434215-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {0920DBB1-D098-4ACE-9DDD-7A6F18A9ED66} https://britishgasto...om/HomeVend.cab
DPF: HKLM-x32 {283B7DE7-A1ED-4D27-AA59-C6E7427544D2} https://bg.itronener...yBoxControl.cab
DPF: HKLM-x32 {2A293777-79CA-4DD9-A545-0E1718C0D3CF} https://bg.itronener...yboxControl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E731E39E-A891-4959-9E6D-1DC0D10BAA43}: [NameServer] 8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/O1DPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Google Search) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Sheets) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Avast Online Security) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Gmail) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Advent AIO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [361904 2011-10-14] (DSGi)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P4; C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe [2968696 2014-12-13] (MicroTools)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-13] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-10] (Qualcomm Atheros)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-03] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-12 20:13 - 2015-01-12 20:14 - 00000197 _____ () C:\Windows\system32\2015-01-12-20-13-41.026-AvastVBoxSVC.exe-3748.log
2015-01-11 23:13 - 2015-01-11 23:15 - 00000000 ____D () C:\Users\Lea\Desktop\MATHS
2015-01-11 22:18 - 2015-01-11 22:18 - 00087552 _____ () C:\Users\Lea\Downloads\MOLE Lesson 2 Factors and Multiples.pptx
2015-01-11 22:10 - 2015-01-11 22:10 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup.exe
2015-01-11 22:01 - 2015-01-11 22:01 - 00000197 _____ () C:\Windows\system32\2015-01-11-22-01-45.062-AvastVBoxSVC.exe-3508.log
2015-01-11 16:35 - 2015-01-11 16:35 - 00000197 _____ () C:\Windows\system32\2015-01-11-16-35-20.068-AvastVBoxSVC.exe-3764.log
2015-01-10 13:11 - 2015-01-10 13:12 - 00000197 _____ () C:\Windows\system32\2015-01-10-13-11-55.049-AvastVBoxSVC.exe-3248.log
2015-01-09 21:41 - 2015-01-09 21:41 - 00000247 _____ () C:\Windows\system32\2015-01-09-21-41-47.019-aswFe.exe-6996.log
2015-01-09 21:35 - 2015-01-09 21:41 - 00000247 _____ () C:\Windows\system32\2015-01-09-21-35-04.007-aswFe.exe-852.log
2015-01-09 21:34 - 2015-01-09 21:35 - 00000197 _____ () C:\Windows\system32\2015-01-09-21-34-55.065-AvastVBoxSVC.exe-3728.log
2015-01-09 16:55 - 2015-01-09 16:55 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-09 16:55 - 2014-12-21 17:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-09 16:49 - 2015-01-09 16:49 - 00000197 _____ () C:\Windows\system32\2015-01-09-16-49-43.013-AvastVBoxSVC.exe-4176.log
2015-01-09 00:11 - 2015-01-09 00:11 - 00421431 _____ () C:\Users\Lea\Downloads\Raimon Bundó Wedding Dresses 2011   Wedding Inspirasi.html
2015-01-09 00:11 - 2015-01-09 00:11 - 00000000 ____D () C:\Users\Lea\Downloads\Raimon Bundó Wedding Dresses 2011   Wedding Inspirasi_files
2015-01-08 18:44 - 2015-01-08 18:44 - 00000197 _____ () C:\Windows\system32\2015-01-08-18-44-52.064-AvastVBoxSVC.exe-3692.log
2015-01-08 14:26 - 2015-01-08 14:26 - 00000197 _____ () C:\Windows\system32\2015-01-08-14-26-00.057-AvastVBoxSVC.exe-3588.log
2015-01-06 19:51 - 2015-01-06 19:51 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-51-05.043-AvastVBoxSVC.exe-4052.log
2015-01-06 19:05 - 2015-01-06 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-05-41.058-AvastVBoxSVC.exe-4068.log
2015-01-06 16:40 - 2015-01-06 16:40 - 00000197 _____ () C:\Windows\system32\2015-01-06-16-40-12.035-AvastVBoxSVC.exe-4012.log
2015-01-05 22:51 - 2015-01-05 22:52 - 00000197 _____ () C:\Windows\system32\2015-01-05-22-51-31.051-AvastVBoxSVC.exe-3912.log
2015-01-04 21:14 - 2015-01-04 21:14 - 00000197 _____ () C:\Windows\system32\2015-01-04-21-14-40.016-AvastVBoxSVC.exe-3936.log
2015-01-04 21:07 - 2015-01-04 21:07 - 02173952 _____ () C:\Users\Lea\Downloads\AdwCleaner (1).exe
2015-01-04 21:05 - 2015-01-04 21:06 - 00000197 _____ () C:\Windows\system32\2015-01-04-21-05-54.018-AvastVBoxSVC.exe-6704.log
2015-01-04 20:56 - 2015-01-12 22:43 - 00000000 ____D () C:\Users\Lea\Desktop\FRST-OlderVersion
2015-01-04 20:53 - 2015-01-04 20:54 - 00006062 _____ () C:\Users\Lea\Downloads\fixlist.txt
2015-01-04 18:36 - 2015-01-04 18:36 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 994222.crdownload
2015-01-04 18:36 - 2015-01-04 18:36 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 161353.crdownload
2015-01-04 18:31 - 2015-01-04 18:31 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 85071.crdownload
2015-01-04 14:00 - 2015-01-04 14:00 - 00000197 _____ () C:\Windows\system32\2015-01-04-14-00-02.055-AvastVBoxSVC.exe-4036.log
2015-01-04 13:57 - 2015-01-04 13:57 - 00000000 ____D () C:\Program Files (x86)\Software Update Services
2015-01-04 01:19 - 2015-01-04 01:19 - 00000533 _____ () C:\Users\Lea\NY - Res.txt
2015-01-04 01:02 - 2015-01-04 01:02 - 00000197 _____ () C:\Windows\system32\2015-01-04-01-02-37.044-AvastVBoxSVC.exe-3576.log
2015-01-03 16:59 - 2015-01-03 17:00 - 00000197 _____ () C:\Windows\system32\2015-01-03-16-59-56.039-AvastVBoxSVC.exe-3600.log
2015-01-03 14:57 - 2015-01-03 14:57 - 00000197 _____ () C:\Windows\system32\2015-01-03-14-57-42.064-AvastVBoxSVC.exe-3696.log
2015-01-03 13:31 - 2015-01-03 13:30 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-03 13:30 - 2015-01-03 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-03 13:29 - 2015-01-03 13:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-03 13:27 - 2015-01-03 13:27 - 00638888 _____ (Oracle Corporation) C:\Users\Lea\Downloads\chromeinstall-8u25.exe
2015-01-03 02:13 - 2015-01-03 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-03 02:12 - 2015-01-03 02:12 - 00002219 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-03 02:11 - 2015-01-03 02:11 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (7).exe
2015-01-03 02:02 - 2015-01-03 02:02 - 00003466 _____ () C:\Windows\system32\.crusader
2015-01-03 01:46 - 2015-01-03 02:06 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-03 01:45 - 2015-01-03 01:45 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-03 01:44 - 2015-01-03 02:03 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-03 01:44 - 2015-01-03 01:44 - 11222744 _____ (SurfRight B.V.) C:\Users\Lea\Downloads\HitmanPro_x64.exe
2015-01-03 01:02 - 2015-01-03 01:02 - 00000247 _____ () C:\Windows\system32\2015-01-03-01-02-14.091-aswFe.exe-5524.log
2015-01-03 01:00 - 2015-01-03 01:00 - 00000197 _____ () C:\Windows\system32\2015-01-03-01-00-29.055-AvastVBoxSVC.exe-6400.log
2015-01-03 00:47 - 2015-01-04 21:17 - 00000000 ____D () C:\AdwCleaner
2015-01-03 00:47 - 2015-01-03 00:47 - 00000247 _____ () C:\Windows\system32\2015-01-03-00-47-54.062-aswFe.exe-4452.log
2015-01-03 00:47 - 2015-01-03 00:47 - 00000197 _____ () C:\Windows\system32\2015-01-03-00-47-10.086-AvastVBoxSVC.exe-3912.log
2015-01-03 00:46 - 2015-01-03 00:47 - 02173952 _____ () C:\Users\Lea\Downloads\AdwCleaner.exe
2015-01-02 23:50 - 2015-01-02 23:50 - 00000247 _____ () C:\Windows\system32\2015-01-02-23-50-19.032-aswFe.exe-6384.log
2015-01-02 23:49 - 2015-01-02 23:50 - 00000197 _____ () C:\Windows\system32\2015-01-02-23-49-56.013-AvastVBoxSVC.exe-2016.log
2015-01-02 16:12 - 2015-01-02 16:12 - 00000197 _____ () C:\Windows\system32\2015-01-02-16-12-14.014-AvastVBoxSVC.exe-3696.log
2015-01-01 21:36 - 2015-01-01 21:42 - 00037449 _____ () C:\Users\Lea\Desktop\Addition.txt
2015-01-01 21:34 - 2015-01-12 22:45 - 00023714 _____ () C:\Users\Lea\Desktop\FRST.txt
2015-01-01 20:50 - 2015-01-01 20:50 - 00000197 _____ () C:\Windows\system32\2015-01-01-20-50-06.010-AvastVBoxSVC.exe-3132.log
2015-01-01 01:23 - 2015-01-01 01:24 - 00000197 _____ () C:\Windows\system32\2015-01-01-01-23-42.070-AvastVBoxSVC.exe-4120.log
2014-12-31 14:19 - 2014-12-31 14:19 - 00000197 _____ () C:\Windows\system32\2014-12-31-14-19-37.047-AvastVBoxSVC.exe-3712.log
2014-12-31 13:54 - 2015-01-02 17:11 - 00000415 _____ () C:\Users\Lea\Downloads\ckfiles.txt
2014-12-31 13:48 - 2014-12-31 13:48 - 00468480 _____ () C:\Users\Lea\Downloads\CKScanner.exe
2014-12-31 13:44 - 2014-12-31 13:44 - 00000197 _____ () C:\Windows\system32\2014-12-31-13-44-29.034-AvastVBoxSVC.exe-3236.log
2014-12-30 22:07 - 2014-12-30 22:07 - 02123264 _____ (Farbar) C:\Users\Lea\Downloads\FRST64 (1).exe
2014-12-30 20:54 - 2014-12-30 20:54 - 00110166 _____ () C:\Users\Lea\Documents\OTL.Txt
2014-12-30 20:40 - 2014-12-30 20:40 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (2).exe
2014-12-30 20:35 - 2014-12-30 20:35 - 00108978 _____ () C:\Users\Lea\Downloads\Extras.Txt
2014-12-30 20:32 - 2014-12-30 20:53 - 00110166 _____ () C:\Users\Lea\Downloads\OTL.Txt
2014-12-30 20:17 - 2014-12-30 20:17 - 00651776 _____ () C:\Users\Lea\Downloads\MicrosoftFixit50228.msi
2014-12-30 20:11 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (1).exe
2014-12-30 20:10 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL.exe
2014-12-30 16:58 - 2014-12-30 16:58 - 00000197 _____ () C:\Windows\system32\2014-12-30-16-58-12.008-AvastVBoxSVC.exe-3512.log
2014-12-29 20:56 - 2014-12-29 20:56 - 00048165 _____ () C:\Users\Lea\Documents\FRST.txt
2014-12-29 20:55 - 2014-12-29 20:55 - 00038357 _____ () C:\Users\Lea\Documents\Addition.txt
2014-12-29 20:48 - 2014-12-29 20:48 - 00004588 _____ () C:\Users\Lea\Documents\mb.txt
2014-12-29 20:43 - 2014-12-30 22:14 - 00039824 _____ () C:\Users\Lea\Downloads\Addition.txt
2014-12-29 20:41 - 2015-01-12 22:43 - 00000000 ____D () C:\FRST
2014-12-29 20:41 - 2014-12-30 22:14 - 00048617 _____ () C:\Users\Lea\Downloads\FRST.txt
2014-12-29 20:40 - 2015-01-12 22:43 - 02124288 _____ (Farbar) C:\Users\Lea\Desktop\FRST64.exe
2014-12-29 16:27 - 2014-12-29 16:28 - 00000197 _____ () C:\Windows\system32\2014-12-29-16-27-59.079-AvastVBoxSVC.exe-2548.log
2014-12-29 14:45 - 2015-01-09 17:19 - 00033716 _____ () C:\Windows\PFRO.log
2014-12-29 11:28 - 2014-12-29 11:28 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-12-29 11:28 - 2014-12-29 11:28 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-12-29 11:27 - 2014-12-29 11:27 - 00753184 _____ () C:\Users\Lea\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-12-29 11:09 - 2014-12-29 11:09 - 00000197 _____ () C:\Windows\system32\2014-12-29-11-09-02.021-AvastVBoxSVC.exe-3984.log
2014-12-29 01:34 - 2014-12-29 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-29-01-34-44.086-AvastVBoxSVC.exe-3768.log
2014-12-29 01:31 - 2015-01-12 20:12 - 00001960 _____ () C:\Windows\setupact.log
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 00:37 - 2015-01-12 00:43 - 00033018 _____ () C:\Windows\IE11_main.log
2014-12-28 18:16 - 2014-12-28 18:17 - 00000197 _____ () C:\Windows\system32\2014-12-28-18-16-55.099-AvastVBoxSVC.exe-4388.log
2014-12-27 00:40 - 2014-12-27 00:40 - 00001197 _____ () C:\Users\Lea\po.txt
2014-12-27 00:07 - 2014-12-27 00:07 - 00003268 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000
2014-12-26 21:06 - 2014-12-26 21:06 - 00000197 _____ () C:\Windows\system32\2014-12-26-21-06-01.047-AvastVBoxSVC.exe-4504.log
2014-12-23 23:33 - 2014-12-23 23:33 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 23:31 - 2014-12-23 23:31 - 00000197 _____ () C:\Windows\system32\2014-12-23-23-31-20.058-AvastVBoxSVC.exe-4472.log
2014-12-22 22:52 - 2014-12-22 22:52 - 00000197 _____ () C:\Windows\system32\2014-12-22-22-52-31.003-AvastVBoxSVC.exe-4036.log
2014-12-22 00:58 - 2014-12-22 00:59 - 05317104 _____ (Piriform Ltd) C:\Users\Lea\Downloads\ccsetup501.exe
2014-12-21 23:30 - 2014-12-21 23:30 - 00000197 _____ () C:\Windows\system32\2014-12-21-23-30-10.096-AvastVBoxSVC.exe-3796.log
2014-12-21 22:44 - 2014-12-21 22:44 - 00000197 _____ () C:\Windows\system32\2014-12-21-22-44-36.025-AvastVBoxSVC.exe-1096.log
2014-12-21 20:29 - 2014-12-21 20:29 - 00000197 _____ () C:\Windows\system32\2014-12-21-20-29-39.041-AvastVBoxSVC.exe-3788.log
2014-12-21 19:42 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-42-32.065-aswFe.exe-3544.log
2014-12-21 19:32 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-32-56.033-aswFe.exe-8136.log
2014-12-21 19:32 - 2014-12-21 19:32 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-32-51.097-AvastVBoxSVC.exe-6216.log
2014-12-21 19:21 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-21-49.009-aswFe.exe-5100.log
2014-12-21 19:08 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-08-53.072-aswFe.exe-604.log
2014-12-21 19:08 - 2014-12-21 19:08 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-08-41.015-AvastVBoxSVC.exe-7432.log
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-21 17:40 - 2014-12-21 17:41 - 00000000 ____D () C:\ProgramData\{3B77D3B4-6BF5-0232-DA73-72B00AF1A13E}
2014-12-21 17:39 - 2014-12-21 17:40 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-21 17:39 - 2014-12-21 17:39 - 00000000 ____D () C:\Users\Lea\AppData\Local\StormFall
2014-12-21 17:30 - 2015-01-09 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-21 17:28 - 2014-12-21 17:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-20 23:30 - 2014-12-20 23:30 - 00000671 _____ () C:\Users\Lea\fj.txt
2014-12-16 21:40 - 2014-12-16 21:41 - 03949545 _____ () C:\Users\Lea\Downloads\Week 10 - Academic writing - Part 3.pptx
2014-12-16 21:36 - 2014-12-16 21:36 - 01617371 _____ () C:\Users\Lea\Downloads\Week 11 - Group Presentations.pptx
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 23:23 - 2014-12-13 23:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 23:21 - 2014-12-13 23:22 - 13087456 _____ (Microsoft Corporation) C:\Users\Lea\Downloads\Silverlight_x64.exe
2014-12-13 00:49 - 2014-12-13 02:11 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\vlc
2014-12-13 00:46 - 2014-12-13 00:46 - 24743106 _____ () C:\Users\Lea\Downloads\vlc-2.1.5-win32.exe
2014-12-13 00:39 - 2014-12-28 22:16 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-13 00:02 - 2014-12-13 00:16 - 00000000 ____D () C:\Users\Lea\Downloads\Soul.Plane.2004.720p.HDTV.DD2.0.x264- EbP
2014-12-13 00:02 - 2014-12-13 00:02 - 00330349 _____ () C:\Users\Lea\Downloads\400787A0A6FDD26974DC72B104B6466B9C9672C8.torrent
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-12 22:44 - 2012-11-17 00:11 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 22:42 - 2012-07-23 18:37 - 00000000 ____D () C:\ProgramData\Advent
2015-01-12 22:40 - 2011-12-05 11:15 - 01944471 _____ () C:\Windows\WindowsUpdate.log
2015-01-12 22:17 - 2013-08-06 01:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job
2015-01-12 22:17 - 2012-08-07 15:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-12 21:11 - 2013-08-06 01:02 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job
2015-01-12 20:21 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-12 20:21 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-12 20:13 - 2012-11-17 00:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 20:12 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 21:10 - 2012-04-10 15:39 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\SoftGrid Client
2015-01-10 14:24 - 2014-08-06 21:25 - 00023703 _____ () C:\Windows\BRRBCOM.INI
2015-01-10 13:13 - 2014-05-01 16:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-08 18:42 - 2011-10-21 01:41 - 00000000 ____D () C:\Windows\pl
2015-01-08 15:52 - 2014-05-13 11:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 04:36 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 23:09 - 2012-08-07 15:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-05 23:09 - 2012-08-07 15:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-05 23:09 - 2011-10-21 01:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 01:58 - 2012-04-15 11:34 - 00000000 ____D () C:\Users\Lea\AppData\Local\CrashDumps
2015-01-04 21:06 - 2013-08-06 01:02 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA
2015-01-04 21:06 - 2013-08-06 01:02 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core
2015-01-04 13:57 - 2014-11-12 19:33 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2015-01-04 01:19 - 2012-04-10 13:36 - 00000000 ____D () C:\Users\Lea
2015-01-03 13:29 - 2013-04-12 12:20 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-03 00:44 - 2011-10-21 01:40 - 00000000 ____D () C:\Windows\fr
2014-12-31 14:21 - 2009-07-14 05:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 14:01 - 2012-04-10 15:35 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\uTorrent
2014-12-29 18:47 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-29 14:45 - 2011-10-21 01:42 - 00000000 ____D () C:\Windows\ca
2014-12-28 19:04 - 2014-11-28 20:17 - 00032689 _____ () C:\Users\Lea\Downloads\software_removal_tool.log
2014-12-22 01:26 - 2012-08-04 23:49 - 00000000 ____D () C:\Windows\Minidump
2014-12-21 17:42 - 2009-07-14 02:34 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-12-21 17:29 - 2014-05-13 12:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-21 17:28 - 2014-05-01 16:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Local\Opera
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-21 17:25 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\Opera
2014-12-17 23:09 - 2014-12-07 23:27 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417994842
2014-12-13 03:01 - 2009-07-14 03:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-13 02:44 - 2012-09-01 11:38 - 00001067 _____ () C:\Windows\wininit.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-09 22:08
 
==================== End Of Log ============================
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Lea at 2015-01-12 22:46:18
Running from C:\Users\Lea\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3018.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.3018.00 - CyberLink Corp.) Hidden
Acer Deep Sleep Settings (HKLM-x32\...\{86F3E556-83B1-47E5-A36B-560A521B999B}) (Version: 1.00.3008 - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0902.2011 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AdC4USelfUpdater (x32 Version: 1.00.0000 - Advent) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ADVENT AIO Printer (HKLM-x32\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 1.3.3.10 - Advent)
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (x32 Version: 1.0.0.0 - DSGi) Hidden
aioscnnr (x32 Version: 1.0.6.0 - DSGi) Hidden
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Edificius (x32 Version: 6.00 - ACCA) Hidden
Edificius v.6.00g (HKLM-x32\...\{614F8F83-BB96-4000-8116-67D1BC132830}) (Version: 6.00g - EN - ACCA software S.p.A.)
ETDWare PS/2-X64 10.0.6.3_WHQL (HKLM\...\Elantech) (Version: 10.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.6.3 (HKLM-x32\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
FinePrint (HKLM\...\FinePrint) (Version: 8.15 - FinePrint Software, LLC)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.18.0 (HKLM-x32\...\{9602841E-ECE2-1019-AAEE-906A4DE25D6B}) (Version: 1.2.18.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.10.0 - Rakuten Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{5C20A342-085D-4000-B69D-492F3BA4BF94}) (Version: 1.0 - QualComm Atheros)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sleep Memory Optimizer (HKLM-x32\...\{34BE2594-1D20-4A2E-97A0-B9E2837520AE}) (Version: 1.00.3004 - Acer Incorporated)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
08-12-2014 00:36:44 Windows Update
08-12-2014 17:02:45 Windows Defender Checkpoint
09-12-2014 01:36:57 Windows Update
10-12-2014 16:18:16 Windows Update
13-12-2014 02:59:54 Removed BlueStacks Notification Center
13-12-2014 03:00:13 Windows Update
13-12-2014 04:01:16 Windows Update
13-12-2014 23:16:28 Removed Microsoft Silverlight
14-12-2014 03:00:16 Windows Update
14-12-2014 03:53:45 Windows Update
15-12-2014 22:38:49 Windows Update
16-12-2014 02:34:51 Windows Update
17-12-2014 19:34:08 Windows Update
17-12-2014 23:57:02 Windows Update
18-12-2014 01:57:40 Windows Update
20-12-2014 22:57:33 Windows Update
21-12-2014 00:01:06 Windows Update
21-12-2014 17:14:21 Windows Update
21-12-2014 17:22:25 avast! antivirus system restore point
21-12-2014 17:29:09 Device Driver Package Install: Avast Network Service
21-12-2014 22:34:28 Software Removal Tool
22-12-2014 01:51:39 Windows Update
23-12-2014 00:53:06 Windows Update
26-12-2014 21:09:52 Windows Update
27-12-2014 00:44:33 Windows Update
29-12-2014 00:36:59 Windows Update
29-12-2014 02:03:00 Windows Update
30-12-2014 01:40:10 Windows Update
30-12-2014 20:19:44 Windows Update
30-12-2014 20:22:01 Windows Update
30-12-2014 20:23:53 Windows Update
30-12-2014 20:28:25 Windows Update
31-12-2014 00:59:32 Windows Update
01-01-2015 20:53:26 Windows Update
02-01-2015 02:40:19 Windows Update
03-01-2015 02:01:03 Checkpoint by HitmanPro
03-01-2015 02:02:35 Checkpoint by HitmanPro
03-01-2015 12:57:51 Windows Update
03-01-2015 15:34:55 Windows Update
04-01-2015 00:31:05 Windows Update
04-01-2015 01:34:06 Windows Update
04-01-2015 20:57:13 Restore Point Created by FRST
04-01-2015 21:00:08 Restore Point Created by FRST
05-01-2015 03:00:19 Windows Update
05-01-2015 03:44:33 Windows Update
05-01-2015 23:14:25 Windows Update
06-01-2015 16:43:22 Windows Update
06-01-2015 17:47:03 Windows Update
06-01-2015 19:29:53 Windows Update
06-01-2015 20:15:19 Windows Update
09-01-2015 00:50:50 Windows Update
09-01-2015 16:52:19 avast! antivirus system restore point
10-01-2015 02:15:56 Windows Update
11-01-2015 01:13:23 Windows Update
12-01-2015 00:42:30 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-04 20:58 - 2015-01-04 21:00 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14743BBA-6DF3-44B0-BD30-F953C3F3BB53} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2A38BC47-9D38-46AE-98A6-6BD0D80185A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {37A2C7F1-1C6D-4CB9-BE8C-86B1C1172E68} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {50A37FFF-AC42-49D5-A56C-DA69DE940823} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {5A87B349-189E-4059-A3E9-6C2F98530278} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {5F0D9F42-FB4F-41D5-BC3A-C541F2CFE462} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {77B3CD3C-0AC3-471C-BAFD-9F25CC5A1016} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {7F56EA38-A7FD-4707-98A6-9B5FB9453768} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {8093BC23-4485-4A99-9202-BA37BC70189B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-21] (AVAST Software)
Task: {90FAACE9-D03B-46B3-B81C-D86A16112EEE} - System32\Tasks\{A83BC985-A76D-418A-930E-6A952A51D03D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {94D5CC3F-2B72-41A7-AA92-A787FAAB2A21} - System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000 => Chrome.exe 
Task: {958E0E1C-859F-447D-A6F1-B243DD96B103} - System32\Tasks\{6DBB1977-06FA-4253-8C11-919DE8C52E34} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{B742757A-7658-4E09-A51A-085CF0F7F4D3}\Setup.exe" -c  -runfromtemp -l0x0009 UNINSTALL Reg=BHmini13_C2 -removeonly
Task: {978D6381-14D2-43D5-9579-261789B2A134} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {A2DA72CC-38D6-46DF-9126-037C111AF2C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {BECFE957-BAD9-4282-B922-44244A72745B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DE3D9038-8E72-4F12-B737-0B2DCC601F6D} - System32\Tasks\Opera scheduled Autoupdate 1417994842 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {EC930452-109B-4A89-A433-5BB5A333B34F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {F701F532-F134-412D-87D0-327C5AB0805B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-05] (Adobe Systems Incorporated)
Task: {F971B0FA-775E-4D9B-9AE9-D0EF7EA4AE5E} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-06 21:23 - 2005-04-22 04:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2011-12-05 18:52 - 2011-08-09 15:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2015-01-11 20:38 - 2015-01-11 20:38 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011101\algo.dll
2014-12-21 17:26 - 2014-12-21 17:26 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-12 20:13 - 2015-01-12 20:13 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-12-21 17:27 - 2014-12-21 17:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-06 21:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-826546569-3919575575-2117434215-500 - Administrator - Disabled)
Guest (S-1-5-21-826546569-3919575575-2117434215-501 - Limited - Enabled) => C:\Users\Guest.Lea-PC
HomeGroupUser$ (S-1-5-21-826546569-3919575575-2117434215-1002 - Limited - Enabled)
Lea (S-1-5-21-826546569-3919575575-2117434215-1000 - Administrator - Enabled) => C:\Users\Lea
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/12/2015 08:12:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/11/2015 09:59:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/11/2015 04:34:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/10/2015 01:11:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/09/2015 05:20:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/09/2015 04:47:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/08/2015 09:07:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
 
Error: (01/08/2015 06:42:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/08/2015 02:24:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/06/2015 07:48:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (01/12/2015 09:19:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 
Error: (01/12/2015 08:13:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/12/2015 08:12:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001
 
Error: (01/12/2015 00:43:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (01/12/2015 00:42:46 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (01/11/2015 09:59:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/11/2015 09:59:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001
 
Error: (01/11/2015 08:07:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 
Error: (01/11/2015 04:35:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/11/2015 04:34:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001
 
 
Microsoft Office Sessions:
=========================
Error: (01/12/2015 08:12:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/11/2015 09:59:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/11/2015 04:34:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/10/2015 01:11:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/09/2015 05:20:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/09/2015 04:47:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/08/2015 09:07:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
 
Error: (01/08/2015 06:42:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/08/2015 02:24:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
Error: (01/06/2015 07:48:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2467M CPU @ 1.60GHz
Percentage of memory in use: 45%
Total physical RAM: 3946.19 MB
Available physical RAM: 2153.32 MB
Total Pagefile: 7890.56 MB
Available Pagefile: 5568.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (ACER) (Fixed) (Total:282.85 GB) (Free:142.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4007CF80)
Partition 1: (Not Active) - (Size=15.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=282.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 18.6 GB) (Disk ID: 4007CFAE)
Partition 1: (Not Active) - (Size=18.6 GB) - (Type=84)
 
==================== End Of Log ============================

  • 0

#14
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, cookie88.

Your logs look clean, so lets move forward.

Step #1
Junkware Removal Tool
  • Download Junkware Removal Tool to your Desktop
  • Close any open windows
  • Disable your Antivirus program
  • Double click JRT.exe on your desktop to run it
  • Click any button to start the scan
  • Wait for Junkware Removal Tool to finish the scan
  • When the scan is finished, JRT.txt will be saved to your desktop and it will automatically open
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Step #2
AdwCleaner
  • Close any open windows
  • Double click AdwCleaner.exe on your desktop to run it
  • Click the OvD9RYN.png button
  • Wait for AdwCleaner to finish the scan
  • When the scan is finished, there will be "Pending. Please uncheck elements you don't want to remove" message. Leave everything as it is and click p2tBmrU.png button.
  • When the cleaning is finished, the program will ask you to reboot the system. Please do so.
  • Once your machine has rebooted, a Notepad window will be opened. If it won't, you can find it in C:\AdwCleaner. The report will be saved as AdwCleaner[S0].txt.
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
Step #3
FRST Scan
  • Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Things that should appear in your next post:
  • JRT.txt log content
  • AdwCleaner[S0].txt log content
  • FRST.txt log content
  • Addition.txt log content

  • 0

#15
cookie88

cookie88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi Nevan,

 

Here are the logs:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lea on 15/01/2015 at 21:41:47.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webspades
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webspades
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{0155484F-66DB-486F-8A05-09A3EC6DF321}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{024EB6C4-DA97-418D-8704-00A0E8F8EA24}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{06AA3377-7083-4654-B18A-8EA9B44AD3E4}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{08E1938B-9704-41B1-B1DF-03BB76D25EAB}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{0922A6D3-ACEE-4FCA-914B-D241E981A693}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{0EF359BB-191F-4DFA-B03C-A6031C4D4561}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{12CDADE3-1DDC-4965-A848-9EEE8BEDFBBC}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{1358FFDD-9CC6-46DF-A0AA-2485EBB63D6F}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{16D2ED85-95E7-4B4C-8A33-3F69CDE866CE}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{19FED706-859B-4443-9034-23680EBAC336}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{1C93A638-1CDB-4546-A77F-76323B0984CC}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{219772FC-6EF2-4E66-A965-2ADAF03D792A}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{2251F3AF-66F3-4B6C-9AA6-07DDE7CBA849}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{3A0D669F-FE8B-4A4C-BCC4-6698DA23D1BB}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{3BE13EDB-EF23-490F-A0AE-B1BB63C9B637}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{41961032-E887-47B1-BD3B-4B9F5953104B}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{480B2988-96ED-4E74-84B1-120300746BDA}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{53ACE66E-F0C2-4B14-A1CB-F2C7FAFB5CF9}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{570FD593-EC78-436E-A932-916D170B1F5A}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{72508454-2393-436D-AFFA-CC5F75A9E660}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{88A4B174-099F-4DE0-A9CD-8AE9544A39CB}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{89A1D843-07E3-4E74-972B-444BB1578A98}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{8A3A2AB3-2EEF-43C3-9218-3781E50E58EE}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{8B2645C5-E873-456D-9EC9-5D9D4F504565}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{8DAED465-89BB-4D0D-B5D7-427C8A1D759C}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{8EBC7270-73ED-4C42-94EF-05643E1DE888}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{9F7534FF-5D14-440D-863C-5CE34EA69C14}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{A5183E9F-46F4-4D22-AC67-4D83E5D4658D}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{B01EEB63-21F8-4E07-97A1-CD5C9EAB004D}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{BA7FD1E1-3FF6-475B-8CE5-EDC17599B2C2}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{CC26B523-81EB-470B-86B5-39EFCDE6B11A}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{CF41E0C6-D8C9-466E-B1BB-F9C0AB98F2E0}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{D0A542C2-6075-4E56-828E-6E34B4E9FA78}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{DB5C54C5-D097-4007-9ED9-02748DE3D5ED}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{E1369FD1-7B1A-47FC-9329-A3C62D23615F}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{E6E5EAA2-2DD4-4B4C-BF25-B91C764EBAEE}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{EBA389EF-4900-4F98-A65A-BF19CFA39942}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{EF78CB5F-101E-461C-9FF6-3018D74D6125}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{F160FC0A-C03E-4CA1-8637-8337D09C9964}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{F4A5A754-AA5E-4E4B-808D-0EDE4E36DB75}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{F8C2E303-DCC5-457C-A1DA-3A7B351A477A}
Successfully deleted: [Empty Folder] C:\Users\Lea\appdata\local\{F8EC658A-447B-4306-8B16-95CE29199C60}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/01/2015 at 21:46:55.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v4.106 - Report created 15/01/2015 at 21:55:27
# Updated 21/12/2014 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lea - LEA-PC
# Running from : C:\Users\Lea\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v39.0.2171.95
 
 
-\\ Opera v26.0.1656.60
 
[C:\Users\Lea\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe
[C:\Users\Lea\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : dldcbakcjliccckkmfjcblhciilpdcil
 
*************************
 
AdwCleaner[R0].txt - [16847 octets] - [03/01/2015 00:47:54]
AdwCleaner[R1].txt - [1596 octets] - [04/01/2015 21:08:29]
AdwCleaner[R2].txt - [1042 octets] - [04/01/2015 21:15:23]
AdwCleaner[R3].txt - [1485 octets] - [15/01/2015 21:49:42]
AdwCleaner[R4].txt - [1545 octets] - [15/01/2015 21:53:27]
AdwCleaner[S0].txt - [18202 octets] - [03/01/2015 00:55:31]
AdwCleaner[S1].txt - [1810 octets] - [04/01/2015 21:10:54]
AdwCleaner[S2].txt - [1472 octets] - [15/01/2015 21:55:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1532 octets] ##########
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Lea (administrator) on LEA-PC on 15-01-2015 22:00:59
Running from C:\Users\Lea\Desktop
Loaded Profiles: Lea (Available profiles: Lea & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DSGi) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [ADAiO2StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\ADAiO2MUI.exe [2779136 2010-12-09] (DSGi)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ADAiO2StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\ADAiO2MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Run: [Google Update] => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-06] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-826546569-3919575575-2117434215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-826546569-3919575575-2117434215-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {0920DBB1-D098-4ACE-9DDD-7A6F18A9ED66} https://britishgasto...om/HomeVend.cab
DPF: HKLM-x32 {283B7DE7-A1ED-4D27-AA59-C6E7427544D2} https://bg.itronener...yBoxControl.cab
DPF: HKLM-x32 {2A293777-79CA-4DD9-A545-0E1718C0D3CF} https://bg.itronener...yboxControl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E731E39E-A891-4959-9E6D-1DC0D10BAA43}: [NameServer] 8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @talk.google.com/O1DPlugin -> C:\Users\Lea\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-826546569-3919575575-2117434215-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Lea\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Google Search) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Sheets) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Avast Online Security) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Gmail) - C:\Users\Lea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Advent AIO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [361904 2011-10-14] (DSGi)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P4; C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe [2968696 2014-12-13] (MicroTools)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-13] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-10] (Qualcomm Atheros)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-03] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-15 21:59 - 2015-01-15 21:59 - 00000197 _____ () C:\Windows\system32\2015-01-15-21-59-07.040-AvastVBoxSVC.exe-3816.log
2015-01-15 21:46 - 2015-01-15 21:46 - 00005308 _____ () C:\Users\Lea\Desktop\JRT.txt
2015-01-15 21:41 - 2015-01-15 21:41 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 21:39 - 2015-01-15 21:39 - 01707939 _____ (Thisisu) C:\Users\Lea\Desktop\JRT.exe
2015-01-15 21:36 - 2015-01-15 21:36 - 00000197 _____ () C:\Windows\system32\2015-01-15-21-36-15.032-AvastVBoxSVC.exe-3524.log
2015-01-15 20:25 - 2015-01-15 20:25 - 00000197 _____ () C:\Windows\system32\2015-01-15-20-25-13.041-AvastVBoxSVC.exe-3608.log
2015-01-14 22:29 - 2015-01-14 22:29 - 00000197 _____ () C:\Windows\system32\2015-01-14-22-29-40.079-AvastVBoxSVC.exe-3460.log
2015-01-14 00:19 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 00:19 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 00:19 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 00:19 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 00:19 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 00:19 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 00:19 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 00:19 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 00:19 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 00:19 - 2014-12-11 17:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 00:19 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 00:19 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 00:19 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 00:07 - 2015-01-14 00:08 - 00000197 _____ () C:\Windows\system32\2015-01-14-00-07-35.034-AvastVBoxSVC.exe-3536.log
2015-01-13 00:07 - 2015-01-13 00:07 - 00000197 _____ () C:\Windows\system32\2015-01-13-00-07-20.079-AvastVBoxSVC.exe-3204.log
2015-01-12 20:13 - 2015-01-12 20:14 - 00000197 _____ () C:\Windows\system32\2015-01-12-20-13-41.026-AvastVBoxSVC.exe-3748.log
2015-01-11 23:13 - 2015-01-11 23:15 - 00000000 ____D () C:\Users\Lea\Desktop\MATHS
2015-01-11 22:18 - 2015-01-11 22:18 - 00087552 _____ () C:\Users\Lea\Downloads\MOLE Lesson 2 Factors and Multiples.pptx
2015-01-11 22:10 - 2015-01-11 22:10 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup.exe
2015-01-11 22:01 - 2015-01-11 22:01 - 00000197 _____ () C:\Windows\system32\2015-01-11-22-01-45.062-AvastVBoxSVC.exe-3508.log
2015-01-11 16:35 - 2015-01-11 16:35 - 00000197 _____ () C:\Windows\system32\2015-01-11-16-35-20.068-AvastVBoxSVC.exe-3764.log
2015-01-10 13:11 - 2015-01-10 13:12 - 00000197 _____ () C:\Windows\system32\2015-01-10-13-11-55.049-AvastVBoxSVC.exe-3248.log
2015-01-09 21:41 - 2015-01-09 21:41 - 00000247 _____ () C:\Windows\system32\2015-01-09-21-41-47.019-aswFe.exe-6996.log
2015-01-09 21:35 - 2015-01-09 21:41 - 00000247 _____ () C:\Windows\system32\2015-01-09-21-35-04.007-aswFe.exe-852.log
2015-01-09 21:34 - 2015-01-09 21:35 - 00000197 _____ () C:\Windows\system32\2015-01-09-21-34-55.065-AvastVBoxSVC.exe-3728.log
2015-01-09 16:55 - 2015-01-09 16:55 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-09 16:55 - 2014-12-21 17:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-09 16:49 - 2015-01-09 16:49 - 00000197 _____ () C:\Windows\system32\2015-01-09-16-49-43.013-AvastVBoxSVC.exe-4176.log
2015-01-09 00:11 - 2015-01-09 00:11 - 00421431 _____ () C:\Users\Lea\Downloads\Raimon Bundó Wedding Dresses 2011   Wedding Inspirasi.html
2015-01-09 00:11 - 2015-01-09 00:11 - 00000000 ____D () C:\Users\Lea\Downloads\Raimon Bundó Wedding Dresses 2011   Wedding Inspirasi_files
2015-01-08 18:44 - 2015-01-08 18:44 - 00000197 _____ () C:\Windows\system32\2015-01-08-18-44-52.064-AvastVBoxSVC.exe-3692.log
2015-01-08 14:26 - 2015-01-08 14:26 - 00000197 _____ () C:\Windows\system32\2015-01-08-14-26-00.057-AvastVBoxSVC.exe-3588.log
2015-01-06 19:51 - 2015-01-06 19:51 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-51-05.043-AvastVBoxSVC.exe-4052.log
2015-01-06 19:05 - 2015-01-06 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-05-41.058-AvastVBoxSVC.exe-4068.log
2015-01-06 16:40 - 2015-01-06 16:40 - 00000197 _____ () C:\Windows\system32\2015-01-06-16-40-12.035-AvastVBoxSVC.exe-4012.log
2015-01-05 22:51 - 2015-01-05 22:52 - 00000197 _____ () C:\Windows\system32\2015-01-05-22-51-31.051-AvastVBoxSVC.exe-3912.log
2015-01-04 21:14 - 2015-01-04 21:14 - 00000197 _____ () C:\Windows\system32\2015-01-04-21-14-40.016-AvastVBoxSVC.exe-3936.log
2015-01-04 21:07 - 2015-01-04 21:07 - 02173952 _____ () C:\Users\Lea\Downloads\AdwCleaner (1).exe
2015-01-04 21:05 - 2015-01-04 21:06 - 00000197 _____ () C:\Windows\system32\2015-01-04-21-05-54.018-AvastVBoxSVC.exe-6704.log
2015-01-04 20:56 - 2015-01-15 22:00 - 00000000 ____D () C:\Users\Lea\Desktop\FRST-OlderVersion
2015-01-04 20:53 - 2015-01-04 20:54 - 00006062 _____ () C:\Users\Lea\Downloads\fixlist.txt
2015-01-04 18:36 - 2015-01-04 18:36 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 994222.crdownload
2015-01-04 18:36 - 2015-01-04 18:36 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 161353.crdownload
2015-01-04 18:31 - 2015-01-04 18:31 - 00788296 _____ ( ) C:\Users\Lea\Downloads\Unconfirmed 85071.crdownload
2015-01-04 14:00 - 2015-01-04 14:00 - 00000197 _____ () C:\Windows\system32\2015-01-04-14-00-02.055-AvastVBoxSVC.exe-4036.log
2015-01-04 13:57 - 2015-01-04 13:57 - 00000000 ____D () C:\Program Files (x86)\Software Update Services
2015-01-04 01:19 - 2015-01-04 01:19 - 00000533 _____ () C:\Users\Lea\NY - Res.txt
2015-01-04 01:02 - 2015-01-04 01:02 - 00000197 _____ () C:\Windows\system32\2015-01-04-01-02-37.044-AvastVBoxSVC.exe-3576.log
2015-01-03 16:59 - 2015-01-03 17:00 - 00000197 _____ () C:\Windows\system32\2015-01-03-16-59-56.039-AvastVBoxSVC.exe-3600.log
2015-01-03 14:57 - 2015-01-03 14:57 - 00000197 _____ () C:\Windows\system32\2015-01-03-14-57-42.064-AvastVBoxSVC.exe-3696.log
2015-01-03 13:31 - 2015-01-03 13:30 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-03 13:30 - 2015-01-03 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-03 13:29 - 2015-01-03 13:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-03 13:27 - 2015-01-03 13:27 - 00638888 _____ (Oracle Corporation) C:\Users\Lea\Downloads\chromeinstall-8u25.exe
2015-01-03 02:13 - 2015-01-03 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-03 02:12 - 2015-01-03 02:12 - 00002219 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-03 02:11 - 2015-01-03 02:11 - 00880784 _____ (Google Inc.) C:\Users\Lea\Downloads\ChromeSetup (7).exe
2015-01-03 02:02 - 2015-01-03 02:02 - 00003466 _____ () C:\Windows\system32\.crusader
2015-01-03 01:46 - 2015-01-03 02:06 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-03 01:45 - 2015-01-03 01:45 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-03 01:44 - 2015-01-03 02:03 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-03 01:44 - 2015-01-03 01:44 - 11222744 _____ (SurfRight B.V.) C:\Users\Lea\Downloads\HitmanPro_x64.exe
2015-01-03 01:02 - 2015-01-03 01:02 - 00000247 _____ () C:\Windows\system32\2015-01-03-01-02-14.091-aswFe.exe-5524.log
2015-01-03 01:00 - 2015-01-03 01:00 - 00000197 _____ () C:\Windows\system32\2015-01-03-01-00-29.055-AvastVBoxSVC.exe-6400.log
2015-01-03 00:47 - 2015-01-15 21:55 - 00000000 ____D () C:\AdwCleaner
2015-01-03 00:47 - 2015-01-03 00:47 - 00000247 _____ () C:\Windows\system32\2015-01-03-00-47-54.062-aswFe.exe-4452.log
2015-01-03 00:47 - 2015-01-03 00:47 - 00000197 _____ () C:\Windows\system32\2015-01-03-00-47-10.086-AvastVBoxSVC.exe-3912.log
2015-01-03 00:46 - 2015-01-03 00:47 - 02173952 _____ () C:\Users\Lea\Desktop\AdwCleaner.exe
2015-01-02 23:50 - 2015-01-02 23:50 - 00000247 _____ () C:\Windows\system32\2015-01-02-23-50-19.032-aswFe.exe-6384.log
2015-01-02 23:49 - 2015-01-02 23:50 - 00000197 _____ () C:\Windows\system32\2015-01-02-23-49-56.013-AvastVBoxSVC.exe-2016.log
2015-01-02 16:12 - 2015-01-02 16:12 - 00000197 _____ () C:\Windows\system32\2015-01-02-16-12-14.014-AvastVBoxSVC.exe-3696.log
2015-01-01 21:36 - 2015-01-12 22:47 - 00036325 _____ () C:\Users\Lea\Desktop\Addition.txt
2015-01-01 21:34 - 2015-01-15 22:02 - 00023112 _____ () C:\Users\Lea\Desktop\FRST.txt
2015-01-01 20:50 - 2015-01-01 20:50 - 00000197 _____ () C:\Windows\system32\2015-01-01-20-50-06.010-AvastVBoxSVC.exe-3132.log
2015-01-01 01:23 - 2015-01-01 01:24 - 00000197 _____ () C:\Windows\system32\2015-01-01-01-23-42.070-AvastVBoxSVC.exe-4120.log
2014-12-31 14:19 - 2014-12-31 14:19 - 00000197 _____ () C:\Windows\system32\2014-12-31-14-19-37.047-AvastVBoxSVC.exe-3712.log
2014-12-31 13:54 - 2015-01-02 17:11 - 00000415 _____ () C:\Users\Lea\Downloads\ckfiles.txt
2014-12-31 13:48 - 2014-12-31 13:48 - 00468480 _____ () C:\Users\Lea\Downloads\CKScanner.exe
2014-12-31 13:44 - 2014-12-31 13:44 - 00000197 _____ () C:\Windows\system32\2014-12-31-13-44-29.034-AvastVBoxSVC.exe-3236.log
2014-12-30 22:07 - 2014-12-30 22:07 - 02123264 _____ (Farbar) C:\Users\Lea\Downloads\FRST64 (1).exe
2014-12-30 20:54 - 2014-12-30 20:54 - 00110166 _____ () C:\Users\Lea\Documents\OTL.Txt
2014-12-30 20:40 - 2014-12-30 20:40 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (2).exe
2014-12-30 20:35 - 2014-12-30 20:35 - 00108978 _____ () C:\Users\Lea\Downloads\Extras.Txt
2014-12-30 20:32 - 2014-12-30 20:53 - 00110166 _____ () C:\Users\Lea\Downloads\OTL.Txt
2014-12-30 20:17 - 2014-12-30 20:17 - 00651776 _____ () C:\Users\Lea\Downloads\MicrosoftFixit50228.msi
2014-12-30 20:11 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL (1).exe
2014-12-30 20:10 - 2014-12-30 20:11 - 00602112 _____ (OldTimer Tools) C:\Users\Lea\Downloads\OTL.exe
2014-12-30 16:58 - 2014-12-30 16:58 - 00000197 _____ () C:\Windows\system32\2014-12-30-16-58-12.008-AvastVBoxSVC.exe-3512.log
2014-12-29 20:56 - 2014-12-29 20:56 - 00048165 _____ () C:\Users\Lea\Documents\FRST.txt
2014-12-29 20:55 - 2014-12-29 20:55 - 00038357 _____ () C:\Users\Lea\Documents\Addition.txt
2014-12-29 20:48 - 2014-12-29 20:48 - 00004588 _____ () C:\Users\Lea\Documents\mb.txt
2014-12-29 20:43 - 2014-12-30 22:14 - 00039824 _____ () C:\Users\Lea\Downloads\Addition.txt
2014-12-29 20:41 - 2015-01-15 22:01 - 00000000 ____D () C:\FRST
2014-12-29 20:41 - 2014-12-30 22:14 - 00048617 _____ () C:\Users\Lea\Downloads\FRST.txt
2014-12-29 20:40 - 2015-01-15 22:00 - 02125312 _____ (Farbar) C:\Users\Lea\Desktop\FRST64.exe
2014-12-29 16:27 - 2014-12-29 16:28 - 00000197 _____ () C:\Windows\system32\2014-12-29-16-27-59.079-AvastVBoxSVC.exe-2548.log
2014-12-29 14:45 - 2015-01-15 21:56 - 00034030 _____ () C:\Windows\PFRO.log
2014-12-29 11:28 - 2014-12-29 11:28 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-12-29 11:28 - 2014-12-29 11:28 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-12-29 11:27 - 2014-12-29 11:27 - 00753184 _____ () C:\Users\Lea\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-12-29 11:09 - 2014-12-29 11:09 - 00000197 _____ () C:\Windows\system32\2014-12-29-11-09-02.021-AvastVBoxSVC.exe-3984.log
2014-12-29 01:34 - 2014-12-29 01:34 - 00000197 _____ () C:\Windows\system32\2014-12-29-01-34-44.086-AvastVBoxSVC.exe-3768.log
2014-12-29 01:31 - 2015-01-15 21:56 - 00002296 _____ () C:\Windows\setupact.log
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 00:37 - 2015-01-15 21:17 - 00037146 _____ () C:\Windows\IE11_main.log
2014-12-28 18:16 - 2014-12-28 18:17 - 00000197 _____ () C:\Windows\system32\2014-12-28-18-16-55.099-AvastVBoxSVC.exe-4388.log
2014-12-27 00:40 - 2014-12-27 00:40 - 00001197 _____ () C:\Users\Lea\po.txt
2014-12-27 00:07 - 2014-12-27 00:07 - 00003268 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000
2014-12-26 21:06 - 2014-12-26 21:06 - 00000197 _____ () C:\Windows\system32\2014-12-26-21-06-01.047-AvastVBoxSVC.exe-4504.log
2014-12-23 23:33 - 2014-12-23 23:33 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 23:31 - 2014-12-23 23:31 - 00000197 _____ () C:\Windows\system32\2014-12-23-23-31-20.058-AvastVBoxSVC.exe-4472.log
2014-12-22 22:52 - 2014-12-22 22:52 - 00000197 _____ () C:\Windows\system32\2014-12-22-22-52-31.003-AvastVBoxSVC.exe-4036.log
2014-12-22 00:58 - 2014-12-22 00:59 - 05317104 _____ (Piriform Ltd) C:\Users\Lea\Downloads\ccsetup501.exe
2014-12-21 23:30 - 2014-12-21 23:30 - 00000197 _____ () C:\Windows\system32\2014-12-21-23-30-10.096-AvastVBoxSVC.exe-3796.log
2014-12-21 22:44 - 2014-12-21 22:44 - 00000197 _____ () C:\Windows\system32\2014-12-21-22-44-36.025-AvastVBoxSVC.exe-1096.log
2014-12-21 20:29 - 2014-12-21 20:29 - 00000197 _____ () C:\Windows\system32\2014-12-21-20-29-39.041-AvastVBoxSVC.exe-3788.log
2014-12-21 19:42 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-42-32.065-aswFe.exe-3544.log
2014-12-21 19:32 - 2014-12-21 19:42 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-32-56.033-aswFe.exe-8136.log
2014-12-21 19:32 - 2014-12-21 19:32 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-32-51.097-AvastVBoxSVC.exe-6216.log
2014-12-21 19:21 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-21-49.009-aswFe.exe-5100.log
2014-12-21 19:08 - 2014-12-21 19:21 - 00000247 _____ () C:\Windows\system32\2014-12-21-19-08-53.072-aswFe.exe-604.log
2014-12-21 19:08 - 2014-12-21 19:08 - 00000197 _____ () C:\Windows\system32\2014-12-21-19-08-41.015-AvastVBoxSVC.exe-7432.log
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-21 18:30 - 2014-12-21 18:35 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-21 17:40 - 2014-12-21 17:41 - 00000000 ____D () C:\ProgramData\{3B77D3B4-6BF5-0232-DA73-72B00AF1A13E}
2014-12-21 17:39 - 2014-12-21 17:40 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-21 17:39 - 2014-12-21 17:39 - 00000000 ____D () C:\Users\Lea\AppData\Local\StormFall
2014-12-21 17:30 - 2015-01-09 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-21 17:28 - 2014-12-21 17:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-20 23:30 - 2014-12-20 23:30 - 00000671 _____ () C:\Users\Lea\fj.txt
2014-12-16 21:40 - 2014-12-16 21:41 - 03949545 _____ () C:\Users\Lea\Downloads\Week 10 - Academic writing - Part 3.pptx
2014-12-16 21:36 - 2014-12-16 21:36 - 01617371 _____ () C:\Users\Lea\Downloads\Week 11 - Group Presentations.pptx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-15 22:01 - 2011-12-05 11:15 - 01203945 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 21:57 - 2012-11-17 00:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 21:57 - 2012-08-07 15:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 21:56 - 2012-07-23 18:37 - 00000000 ____D () C:\ProgramData\Advent
2015-01-15 21:56 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 21:55 - 2012-04-10 15:39 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\SoftGrid Client
2015-01-15 21:44 - 2012-11-17 00:11 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 21:43 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 21:43 - 2009-07-14 04:45 - 00031712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 21:11 - 2013-08-06 01:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job
2015-01-15 21:11 - 2013-08-06 01:02 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job
2015-01-15 20:26 - 2014-05-01 16:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-14 22:57 - 2012-08-07 15:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 22:57 - 2012-08-07 15:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 22:57 - 2011-10-21 01:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 22:55 - 2013-07-13 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 22:34 - 2012-04-10 20:21 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 14:24 - 2014-08-06 21:25 - 00023703 _____ () C:\Windows\BRRBCOM.INI
2015-01-08 18:42 - 2011-10-21 01:41 - 00000000 ____D () C:\Windows\pl
2015-01-08 15:52 - 2014-05-13 11:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 04:36 - 2010-11-21 03:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 01:58 - 2012-04-15 11:34 - 00000000 ____D () C:\Users\Lea\AppData\Local\CrashDumps
2015-01-04 21:06 - 2013-08-06 01:02 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA
2015-01-04 21:06 - 2013-08-06 01:02 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core
2015-01-04 13:57 - 2014-11-12 19:33 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2015-01-04 01:19 - 2012-04-10 13:36 - 00000000 ____D () C:\Users\Lea
2015-01-03 13:29 - 2013-04-12 12:20 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-03 00:44 - 2011-10-21 01:40 - 00000000 ____D () C:\Windows\fr
2014-12-31 14:21 - 2009-07-14 05:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 14:01 - 2012-04-10 15:35 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\uTorrent
2014-12-29 18:47 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-29 14:45 - 2011-10-21 01:42 - 00000000 ____D () C:\Windows\ca
2014-12-28 22:16 - 2014-12-13 00:39 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-28 19:04 - 2014-11-28 20:17 - 00032689 _____ () C:\Users\Lea\Downloads\software_removal_tool.log
2014-12-22 01:26 - 2012-08-04 23:49 - 00000000 ____D () C:\Windows\Minidump
2014-12-21 17:42 - 2009-07-14 02:34 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-12-21 17:29 - 2014-05-13 12:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-21 17:28 - 2014-05-13 12:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-21 17:28 - 2014-05-01 16:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Local\Opera
2014-12-21 17:26 - 2012-11-24 14:46 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-21 17:25 - 2012-11-24 14:46 - 00000000 ____D () C:\Users\Lea\AppData\Roaming\Opera
2014-12-17 23:09 - 2014-12-07 23:27 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417994842
 
Some content of TEMP:
====================
C:\Users\Lea\AppData\Local\Temp\Quarantine.exe
C:\Users\Lea\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-09 22:08
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Lea at 2015-01-15 22:02:58
Running from C:\Users\Lea\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3018.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.3018.00 - CyberLink Corp.) Hidden
Acer Deep Sleep Settings (HKLM-x32\...\{86F3E556-83B1-47E5-A36B-560A521B999B}) (Version: 1.00.3008 - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0902.2011 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AdC4USelfUpdater (x32 Version: 1.00.0000 - Advent) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ADVENT AIO Printer (HKLM-x32\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 1.3.3.10 - Advent)
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (x32 Version: 1.0.0.0 - DSGi) Hidden
aioscnnr (x32 Version: 1.0.6.0 - DSGi) Hidden
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-826546569-3919575575-2117434215-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Edificius (x32 Version: 6.00 - ACCA) Hidden
Edificius v.6.00g (HKLM-x32\...\{614F8F83-BB96-4000-8116-67D1BC132830}) (Version: 6.00g - EN - ACCA software S.p.A.)
ETDWare PS/2-X64 10.0.6.3_WHQL (HKLM\...\Elantech) (Version: 10.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.6.3 (HKLM-x32\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
FinePrint (HKLM\...\FinePrint) (Version: 8.15 - FinePrint Software, LLC)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.18.0 (HKLM-x32\...\{9602841E-ECE2-1019-AAEE-906A4DE25D6B}) (Version: 1.2.18.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.10.0 - Rakuten Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{5C20A342-085D-4000-B69D-492F3BA4BF94}) (Version: 1.0 - QualComm Atheros)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sleep Memory Optimizer (HKLM-x32\...\{34BE2594-1D20-4A2E-97A0-B9E2837520AE}) (Version: 1.00.3004 - Acer Incorporated)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lea\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-826546569-3919575575-2117434215-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lea\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
08-12-2014 00:36:44 Windows Update
08-12-2014 17:02:45 Windows Defender Checkpoint
09-12-2014 01:36:57 Windows Update
10-12-2014 16:18:16 Windows Update
13-12-2014 02:59:54 Removed BlueStacks Notification Center
13-12-2014 03:00:13 Windows Update
13-12-2014 04:01:16 Windows Update
13-12-2014 23:16:28 Removed Microsoft Silverlight
14-12-2014 03:00:16 Windows Update
14-12-2014 03:53:45 Windows Update
15-12-2014 22:38:49 Windows Update
16-12-2014 02:34:51 Windows Update
17-12-2014 19:34:08 Windows Update
17-12-2014 23:57:02 Windows Update
18-12-2014 01:57:40 Windows Update
20-12-2014 22:57:33 Windows Update
21-12-2014 00:01:06 Windows Update
21-12-2014 17:14:21 Windows Update
21-12-2014 17:22:25 avast! antivirus system restore point
21-12-2014 17:29:09 Device Driver Package Install: Avast Network Service
21-12-2014 22:34:28 Software Removal Tool
22-12-2014 01:51:39 Windows Update
23-12-2014 00:53:06 Windows Update
26-12-2014 21:09:52 Windows Update
27-12-2014 00:44:33 Windows Update
29-12-2014 00:36:59 Windows Update
29-12-2014 02:03:00 Windows Update
30-12-2014 01:40:10 Windows Update
30-12-2014 20:19:44 Windows Update
30-12-2014 20:22:01 Windows Update
30-12-2014 20:23:53 Windows Update
30-12-2014 20:28:25 Windows Update
31-12-2014 00:59:32 Windows Update
01-01-2015 20:53:26 Windows Update
02-01-2015 02:40:19 Windows Update
03-01-2015 02:01:03 Checkpoint by HitmanPro
03-01-2015 02:02:35 Checkpoint by HitmanPro
03-01-2015 12:57:51 Windows Update
03-01-2015 15:34:55 Windows Update
04-01-2015 00:31:05 Windows Update
04-01-2015 01:34:06 Windows Update
04-01-2015 20:57:13 Restore Point Created by FRST
04-01-2015 21:00:08 Restore Point Created by FRST
05-01-2015 03:00:19 Windows Update
05-01-2015 03:44:33 Windows Update
05-01-2015 23:14:25 Windows Update
06-01-2015 16:43:22 Windows Update
06-01-2015 17:47:03 Windows Update
06-01-2015 19:29:53 Windows Update
06-01-2015 20:15:19 Windows Update
09-01-2015 00:50:50 Windows Update
09-01-2015 16:52:19 avast! antivirus system restore point
10-01-2015 02:15:56 Windows Update
11-01-2015 01:13:23 Windows Update
12-01-2015 00:42:30 Windows Update
13-01-2015 00:33:33 Windows Update
14-01-2015 22:32:16 Windows Update
15-01-2015 00:08:40 Windows Update
15-01-2015 21:16:20 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-04 20:58 - 2015-01-04 21:00 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14743BBA-6DF3-44B0-BD30-F953C3F3BB53} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2A38BC47-9D38-46AE-98A6-6BD0D80185A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {37A2C7F1-1C6D-4CB9-BE8C-86B1C1172E68} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {50A37FFF-AC42-49D5-A56C-DA69DE940823} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {5A87B349-189E-4059-A3E9-6C2F98530278} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {5F0D9F42-FB4F-41D5-BC3A-C541F2CFE462} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {77B3CD3C-0AC3-471C-BAFD-9F25CC5A1016} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {7F56EA38-A7FD-4707-98A6-9B5FB9453768} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {8093BC23-4485-4A99-9202-BA37BC70189B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-21] (AVAST Software)
Task: {90FAACE9-D03B-46B3-B81C-D86A16112EEE} - System32\Tasks\{A83BC985-A76D-418A-930E-6A952A51D03D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {94D5CC3F-2B72-41A7-AA92-A787FAAB2A21} - System32\Tasks\avastBCLRestartS-1-5-21-826546569-3919575575-2117434215-1000 => Chrome.exe 
Task: {958E0E1C-859F-447D-A6F1-B243DD96B103} - System32\Tasks\{6DBB1977-06FA-4253-8C11-919DE8C52E34} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{B742757A-7658-4E09-A51A-085CF0F7F4D3}\Setup.exe" -c  -runfromtemp -l0x0009 UNINSTALL Reg=BHmini13_C2 -removeonly
Task: {978D6381-14D2-43D5-9579-261789B2A134} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {A2DA72CC-38D6-46DF-9126-037C111AF2C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {BECFE957-BAD9-4282-B922-44244A72745B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DE3D9038-8E72-4F12-B737-0B2DCC601F6D} - System32\Tasks\Opera scheduled Autoupdate 1417994842 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {EC930452-109B-4A89-A433-5BB5A333B34F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {F701F532-F134-412D-87D0-327C5AB0805B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {F971B0FA-775E-4D9B-9AE9-D0EF7EA4AE5E} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000Core.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-826546569-3919575575-2117434215-1000UA.job => C:\Users\Lea\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-06 21:23 - 2005-04-22 04:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-21 17:25 - 2014-12-21 17:25 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2011-12-05 18:52 - 2011-08-09 15:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2015-01-15 21:36 - 2015-01-15 21:36 - 02910720 _____ () C:\Program Files\AVAST Software\Avast\defs\15011502\algo.dll
2014-12-21 17:26 - 2014-12-21 17:26 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 01:29 - 2011-04-24 01:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-12-21 17:27 - 2014-12-21 17:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-06 21:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-03 02:12 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-826546569-3919575575-2117434215-500 - Administrator - Disabled)
Guest (S-1-5-21-826546569-3919575575-2117434215-501 - Limited - Enabled) => C:\Users\Guest.Lea-PC
HomeGroupUser$ (S-1-5-21-826546569-3919575575-2117434215-1002 - Limited - Enabled)
Lea (S-1-5-21-826546569-3919575575-2117434215-1000 - Administrator - Enabled) => C:\Users\Lea
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/15/2015 09:56:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (01/15/2015 09:57:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/15/2015 09:56:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001
 
 
Microsoft Office Sessions:
=========================
Error: (01/15/2015 09:56:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Windows\system32\athihvs.dll
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2467M CPU @ 1.60GHz
Percentage of memory in use: 58%
Total physical RAM: 3946.19 MB
Available physical RAM: 1643.19 MB
Total Pagefile: 7890.57 MB
Available Pagefile: 5547.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (ACER) (Fixed) (Total:282.85 GB) (Free:140.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4007CF80)
Partition 1: (Not Active) - (Size=15.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=282.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 18.6 GB) (Disk ID: 4007CFAE)
Partition 1: (Not Active) - (Size=18.6 GB) - (Type=84)
 
==================== End Of Log ============================

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP